|
|
@@ -0,0 +1,12695 @@
|
|
|
+# This is an auto-generated file. DO NOT EDIT
|
|
|
+apiVersion: apiextensions.k8s.io/v1
|
|
|
+kind: CustomResourceDefinition
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: applications.argoproj.io
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: applications.argoproj.io
|
|
|
+spec:
|
|
|
+ group: argoproj.io
|
|
|
+ names:
|
|
|
+ kind: Application
|
|
|
+ listKind: ApplicationList
|
|
|
+ plural: applications
|
|
|
+ shortNames:
|
|
|
+ - app
|
|
|
+ - apps
|
|
|
+ singular: application
|
|
|
+ scope: Namespaced
|
|
|
+ versions:
|
|
|
+ - additionalPrinterColumns:
|
|
|
+ - jsonPath: .status.sync.status
|
|
|
+ name: Sync Status
|
|
|
+ type: string
|
|
|
+ - jsonPath: .status.health.status
|
|
|
+ name: Health Status
|
|
|
+ type: string
|
|
|
+ - jsonPath: .status.sync.revision
|
|
|
+ name: Revision
|
|
|
+ priority: 10
|
|
|
+ type: string
|
|
|
+ name: v1alpha1
|
|
|
+ schema:
|
|
|
+ openAPIV3Schema:
|
|
|
+ description: Application is a definition of Application resource.
|
|
|
+ properties:
|
|
|
+ apiVersion:
|
|
|
+ description: 'APIVersion defines the versioned schema of this representation
|
|
|
+ of an object. Servers should convert recognized schemas to the latest
|
|
|
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ description: 'Kind is a string value representing the REST resource this
|
|
|
+ object represents. Servers may infer this from the endpoint the client
|
|
|
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
|
+ type: string
|
|
|
+ metadata:
|
|
|
+ type: object
|
|
|
+ operation:
|
|
|
+ description: Operation contains information about a requested or running
|
|
|
+ operation
|
|
|
+ properties:
|
|
|
+ info:
|
|
|
+ description: Info is a list of informational items for this operation
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ initiatedBy:
|
|
|
+ description: InitiatedBy contains information about who initiated
|
|
|
+ the operations
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ description: Automated is set to true if operation was initiated
|
|
|
+ automatically by the application controller.
|
|
|
+ type: boolean
|
|
|
+ username:
|
|
|
+ description: Username contains the name of a user who started
|
|
|
+ operation
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ description: Retry controls the strategy to apply if a sync fails
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ description: Backoff controls how to backoff on subsequent retries
|
|
|
+ of failed syncs
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ description: Duration is the amount to back off. Default unit
|
|
|
+ is seconds, but could also be a duration (e.g. "2m", "1h")
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ description: Factor is a factor to multiply the base duration
|
|
|
+ after each failed retry
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ description: MaxDuration is the maximum amount of time allowed
|
|
|
+ for the backoff strategy
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ description: Limit is the maximum number of attempts for retrying
|
|
|
+ a failed sync. If set to 0, no retries will be performed.
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ sync:
|
|
|
+ description: Sync contains parameters for the operation
|
|
|
+ properties:
|
|
|
+ dryRun:
|
|
|
+ description: DryRun specifies to perform a `kubectl apply --dry-run`
|
|
|
+ without actually performing the sync
|
|
|
+ type: boolean
|
|
|
+ manifests:
|
|
|
+ description: Manifests is an optional field that overrides sync
|
|
|
+ source with a local directory for development
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ prune:
|
|
|
+ description: Prune specifies to delete resources from the cluster
|
|
|
+ that are no longer tracked in git
|
|
|
+ type: boolean
|
|
|
+ resources:
|
|
|
+ description: Resources describes which resources shall be part
|
|
|
+ of the sync
|
|
|
+ items:
|
|
|
+ description: SyncOperationResource contains resources to sync.
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ - name
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ revision:
|
|
|
+ description: Revision is the revision (Git) or chart version (Helm)
|
|
|
+ which to sync the application to If omitted, will use the revision
|
|
|
+ specified in app spec.
|
|
|
+ type: string
|
|
|
+ source:
|
|
|
+ description: Source overrides the source definition set in the
|
|
|
+ application. This is typically set in a Rollback operation and
|
|
|
+ is nil during a Sync operation
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ description: Chart is a Helm chart name, and must be specified
|
|
|
+ for applications sourced from a Helm repo.
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ description: Directory holds path/directory specific options
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ description: Exclude contains a glob pattern to match
|
|
|
+ paths against that should be explicitly excluded from
|
|
|
+ being used during manifest generation
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ description: Include contains a glob pattern to match
|
|
|
+ paths against that should be explicitly included during
|
|
|
+ manifest generation
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ description: Jsonnet holds options specific to Jsonnet
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ description: ExtVars is a list of Jsonnet External
|
|
|
+ Variables
|
|
|
+ items:
|
|
|
+ description: JsonnetVar represents a variable to
|
|
|
+ be passed to jsonnet during manifest generation
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ description: Additional library search dirs
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ description: TLAS is a list of Jsonnet Top-level Arguments
|
|
|
+ items:
|
|
|
+ description: JsonnetVar represents a variable to
|
|
|
+ be passed to jsonnet during manifest generation
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ description: Recurse specifies whether to scan a directory
|
|
|
+ recursively for manifests
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ description: Helm holds helm specific options
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ description: FileParameters are file parameters to the
|
|
|
+ helm template
|
|
|
+ items:
|
|
|
+ description: HelmFileParameter is a file parameter that's
|
|
|
+ passed to helm template during manifest generation
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: Name is the name of the Helm parameter
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ description: Path is the path to the file containing
|
|
|
+ the values for the Helm parameter
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ description: IgnoreMissingValueFiles prevents helm template
|
|
|
+ from failing when valueFiles do not exist locally by
|
|
|
+ not appending them to helm template --values
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ description: Parameters is a list of Helm parameters which
|
|
|
+ are passed to the helm template command upon manifest
|
|
|
+ generation
|
|
|
+ items:
|
|
|
+ description: HelmParameter is a parameter that's passed
|
|
|
+ to helm template during manifest generation
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ description: ForceString determines whether to tell
|
|
|
+ Helm to interpret booleans and numbers as strings
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ description: Name is the name of the Helm parameter
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: Value is the value for the Helm parameter
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ description: PassCredentials pass credentials to all domains
|
|
|
+ (Helm's --pass-credentials)
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ description: ReleaseName is the Helm release name to use.
|
|
|
+ If omitted it will use the application name
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ description: SkipCrds skips custom resource definition
|
|
|
+ installation step (Helm's --skip-crds)
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ description: ValuesFiles is a list of Helm value files
|
|
|
+ to use when generating a template
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ description: Values specifies Helm values to be passed
|
|
|
+ to helm template, typically defined as a block
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ description: Version is the Helm version to use for templating
|
|
|
+ ("3")
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ description: Kustomize holds kustomize specific options
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ description: CommonAnnotations is a list of additional
|
|
|
+ annotations to add to rendered manifests
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ description: CommonLabels is a list of additional labels
|
|
|
+ to add to rendered manifests
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ description: ForceCommonAnnotations specifies whether
|
|
|
+ to force applying common annotations to resources for
|
|
|
+ Kustomize apps
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ description: ForceCommonLabels specifies whether to force
|
|
|
+ applying common labels to resources for Kustomize apps
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ description: Images is a list of Kustomize image override
|
|
|
+ specifications
|
|
|
+ items:
|
|
|
+ description: KustomizeImage represents a Kustomize image
|
|
|
+ definition in the format [old_image_name=]<image_name>:<image_tag>
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ description: NamePrefix is a prefix appended to resources
|
|
|
+ for Kustomize apps
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ description: NameSuffix is a suffix appended to resources
|
|
|
+ for Kustomize apps
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ description: Version controls which version of Kustomize
|
|
|
+ to use for rendering manifests
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ description: Path is a directory path within the Git repository,
|
|
|
+ and is only valid for applications sourced from Git.
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ description: Plugin holds config management plugin specific
|
|
|
+ options
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ description: Env is a list of environment variable entries
|
|
|
+ items:
|
|
|
+ description: EnvEntry represents an entry in the application's
|
|
|
+ environment
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: Name is the name of the variable, usually
|
|
|
+ expressed in uppercase
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: Value is the value of the variable
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ description: RepoURL is the URL to the repository (Git or
|
|
|
+ Helm) that contains the application manifests
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ description: TargetRevision defines the revision of the source
|
|
|
+ to sync the application to. In case of Git, this can be
|
|
|
+ commit, tag, or branch. If omitted, will equal to HEAD.
|
|
|
+ In case of Helm, this is a semver tag for the Chart's version.
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ description: SyncOptions provide per-sync sync-options, e.g. Validate=false
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ syncStrategy:
|
|
|
+ description: SyncStrategy describes how to perform the sync
|
|
|
+ properties:
|
|
|
+ apply:
|
|
|
+ description: Apply will perform a `kubectl apply` to perform
|
|
|
+ the sync.
|
|
|
+ properties:
|
|
|
+ force:
|
|
|
+ description: Force indicates whether or not to supply
|
|
|
+ the --force flag to `kubectl apply`. The --force flag
|
|
|
+ deletes and re-create the resource, when PATCH encounters
|
|
|
+ conflict and has retried for 5 times.
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ hook:
|
|
|
+ description: Hook will submit any referenced resources to
|
|
|
+ perform the sync. This is the default strategy
|
|
|
+ properties:
|
|
|
+ force:
|
|
|
+ description: Force indicates whether or not to supply
|
|
|
+ the --force flag to `kubectl apply`. The --force flag
|
|
|
+ deletes and re-create the resource, when PATCH encounters
|
|
|
+ conflict and has retried for 5 times.
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ description: ApplicationSpec represents desired application state. Contains
|
|
|
+ link to repository with application definition and additional parameters
|
|
|
+ link definition revision.
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ description: Destination is a reference to the target Kubernetes server
|
|
|
+ and namespace
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: Name is an alternate way of specifying the target
|
|
|
+ cluster by its symbolic name
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ description: Namespace specifies the target namespace for the
|
|
|
+ application's resources. The namespace will only be set for
|
|
|
+ namespace-scoped resources that have not set a value for .metadata.namespace
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ description: Server specifies the URL of the target cluster and
|
|
|
+ must be set to the Kubernetes control plane API
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ description: IgnoreDifferences is a list of resources and their fields
|
|
|
+ which should be ignored during comparison
|
|
|
+ items:
|
|
|
+ description: ResourceIgnoreDifferences contains resource filter
|
|
|
+ and list of json paths which should be ignored during comparison
|
|
|
+ with live state.
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ description: ManagedFieldsManagers is a list of trusted managers.
|
|
|
+ Fields mutated by those managers will take precedence over
|
|
|
+ the desired state defined in the SCM and won't be displayed
|
|
|
+ in diffs
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ description: Info contains a list of information (URLs, email addresses,
|
|
|
+ and plain text) that relates to the application
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ description: Project is a reference to the project this application
|
|
|
+ belongs to. The empty string means that application belongs to the
|
|
|
+ 'default' project.
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ description: RevisionHistoryLimit limits the number of items kept
|
|
|
+ in the application's revision history, which is used for informational
|
|
|
+ purposes as well as for rollbacks to previous versions. This should
|
|
|
+ only be changed in exceptional circumstances. Setting to zero will
|
|
|
+ store no history. This will reduce storage used. Increasing will
|
|
|
+ increase the space used to store the history, so we do not recommend
|
|
|
+ increasing it. Default is 10.
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ description: Source is a reference to the location of the application's
|
|
|
+ manifests or chart
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ description: Chart is a Helm chart name, and must be specified
|
|
|
+ for applications sourced from a Helm repo.
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ description: Directory holds path/directory specific options
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ description: Exclude contains a glob pattern to match paths
|
|
|
+ against that should be explicitly excluded from being used
|
|
|
+ during manifest generation
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ description: Include contains a glob pattern to match paths
|
|
|
+ against that should be explicitly included during manifest
|
|
|
+ generation
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ description: Jsonnet holds options specific to Jsonnet
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ description: ExtVars is a list of Jsonnet External Variables
|
|
|
+ items:
|
|
|
+ description: JsonnetVar represents a variable to be
|
|
|
+ passed to jsonnet during manifest generation
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ description: Additional library search dirs
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ description: TLAS is a list of Jsonnet Top-level Arguments
|
|
|
+ items:
|
|
|
+ description: JsonnetVar represents a variable to be
|
|
|
+ passed to jsonnet during manifest generation
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ description: Recurse specifies whether to scan a directory
|
|
|
+ recursively for manifests
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ description: Helm holds helm specific options
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ description: FileParameters are file parameters to the helm
|
|
|
+ template
|
|
|
+ items:
|
|
|
+ description: HelmFileParameter is a file parameter that's
|
|
|
+ passed to helm template during manifest generation
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: Name is the name of the Helm parameter
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ description: Path is the path to the file containing
|
|
|
+ the values for the Helm parameter
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ description: IgnoreMissingValueFiles prevents helm template
|
|
|
+ from failing when valueFiles do not exist locally by not
|
|
|
+ appending them to helm template --values
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ description: Parameters is a list of Helm parameters which
|
|
|
+ are passed to the helm template command upon manifest generation
|
|
|
+ items:
|
|
|
+ description: HelmParameter is a parameter that's passed
|
|
|
+ to helm template during manifest generation
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ description: ForceString determines whether to tell
|
|
|
+ Helm to interpret booleans and numbers as strings
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ description: Name is the name of the Helm parameter
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: Value is the value for the Helm parameter
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ description: PassCredentials pass credentials to all domains
|
|
|
+ (Helm's --pass-credentials)
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ description: ReleaseName is the Helm release name to use.
|
|
|
+ If omitted it will use the application name
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ description: SkipCrds skips custom resource definition installation
|
|
|
+ step (Helm's --skip-crds)
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ description: ValuesFiles is a list of Helm value files to
|
|
|
+ use when generating a template
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ description: Values specifies Helm values to be passed to
|
|
|
+ helm template, typically defined as a block
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ description: Version is the Helm version to use for templating
|
|
|
+ ("3")
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ description: Kustomize holds kustomize specific options
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ description: CommonAnnotations is a list of additional annotations
|
|
|
+ to add to rendered manifests
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ description: CommonLabels is a list of additional labels to
|
|
|
+ add to rendered manifests
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ description: ForceCommonAnnotations specifies whether to force
|
|
|
+ applying common annotations to resources for Kustomize apps
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ description: ForceCommonLabels specifies whether to force
|
|
|
+ applying common labels to resources for Kustomize apps
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ description: Images is a list of Kustomize image override
|
|
|
+ specifications
|
|
|
+ items:
|
|
|
+ description: KustomizeImage represents a Kustomize image
|
|
|
+ definition in the format [old_image_name=]<image_name>:<image_tag>
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ description: NamePrefix is a prefix appended to resources
|
|
|
+ for Kustomize apps
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ description: NameSuffix is a suffix appended to resources
|
|
|
+ for Kustomize apps
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ description: Version controls which version of Kustomize to
|
|
|
+ use for rendering manifests
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ description: Path is a directory path within the Git repository,
|
|
|
+ and is only valid for applications sourced from Git.
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ description: Plugin holds config management plugin specific options
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ description: Env is a list of environment variable entries
|
|
|
+ items:
|
|
|
+ description: EnvEntry represents an entry in the application's
|
|
|
+ environment
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: Name is the name of the variable, usually
|
|
|
+ expressed in uppercase
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: Value is the value of the variable
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ description: RepoURL is the URL to the repository (Git or Helm)
|
|
|
+ that contains the application manifests
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ description: TargetRevision defines the revision of the source
|
|
|
+ to sync the application to. In case of Git, this can be commit,
|
|
|
+ tag, or branch. If omitted, will equal to HEAD. In case of Helm,
|
|
|
+ this is a semver tag for the Chart's version.
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ description: SyncPolicy controls when and how a sync will be performed
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ description: Automated will keep an application synced to the
|
|
|
+ target revision
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ description: 'AllowEmpty allows apps have zero live resources
|
|
|
+ (default: false)'
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ description: 'Prune specifies whether to delete resources
|
|
|
+ from the cluster that are not found in the sources anymore
|
|
|
+ as part of automated sync (default: false)'
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ description: 'SelfHeal specifes whether to revert resources
|
|
|
+ back to their desired state upon modification in the cluster
|
|
|
+ (default: false)'
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ description: ManagedNamespaceMetadata controls metadata in the
|
|
|
+ given namespace (if CreateNamespace=true)
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ description: Retry controls failed sync retry behavior
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ description: Backoff controls how to backoff on subsequent
|
|
|
+ retries of failed syncs
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ description: Duration is the amount to back off. Default
|
|
|
+ unit is seconds, but could also be a duration (e.g.
|
|
|
+ "2m", "1h")
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ description: Factor is a factor to multiply the base duration
|
|
|
+ after each failed retry
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ description: MaxDuration is the maximum amount of time
|
|
|
+ allowed for the backoff strategy
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ description: Limit is the maximum number of attempts for retrying
|
|
|
+ a failed sync. If set to 0, no retries will be performed.
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ description: Options allow you to specify whole app sync-options
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ status:
|
|
|
+ description: ApplicationStatus contains status information for the application
|
|
|
+ properties:
|
|
|
+ conditions:
|
|
|
+ description: Conditions is a list of currently observed application
|
|
|
+ conditions
|
|
|
+ items:
|
|
|
+ description: ApplicationCondition contains details about an application
|
|
|
+ condition, which is usally an error or warning
|
|
|
+ properties:
|
|
|
+ lastTransitionTime:
|
|
|
+ description: LastTransitionTime is the time the condition was
|
|
|
+ last observed
|
|
|
+ format: date-time
|
|
|
+ type: string
|
|
|
+ message:
|
|
|
+ description: Message contains human-readable message indicating
|
|
|
+ details about condition
|
|
|
+ type: string
|
|
|
+ type:
|
|
|
+ description: Type is an application condition type
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - message
|
|
|
+ - type
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ health:
|
|
|
+ description: Health contains information about the application's current
|
|
|
+ health status
|
|
|
+ properties:
|
|
|
+ message:
|
|
|
+ description: Message is a human-readable informational message
|
|
|
+ describing the health status
|
|
|
+ type: string
|
|
|
+ status:
|
|
|
+ description: Status holds the status code of the application or
|
|
|
+ resource
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ history:
|
|
|
+ description: History contains information about the application's
|
|
|
+ sync history
|
|
|
+ items:
|
|
|
+ description: RevisionHistory contains history information about
|
|
|
+ a previous sync
|
|
|
+ properties:
|
|
|
+ deployStartedAt:
|
|
|
+ description: DeployStartedAt holds the time the sync operation
|
|
|
+ started
|
|
|
+ format: date-time
|
|
|
+ type: string
|
|
|
+ deployedAt:
|
|
|
+ description: DeployedAt holds the time the sync operation completed
|
|
|
+ format: date-time
|
|
|
+ type: string
|
|
|
+ id:
|
|
|
+ description: ID is an auto incrementing identifier of the RevisionHistory
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ revision:
|
|
|
+ description: Revision holds the revision the sync was performed
|
|
|
+ against
|
|
|
+ type: string
|
|
|
+ source:
|
|
|
+ description: Source is a reference to the application source
|
|
|
+ used for the sync operation
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ description: Chart is a Helm chart name, and must be specified
|
|
|
+ for applications sourced from a Helm repo.
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ description: Directory holds path/directory specific options
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ description: Exclude contains a glob pattern to match
|
|
|
+ paths against that should be explicitly excluded from
|
|
|
+ being used during manifest generation
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ description: Include contains a glob pattern to match
|
|
|
+ paths against that should be explicitly included during
|
|
|
+ manifest generation
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ description: Jsonnet holds options specific to Jsonnet
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ description: ExtVars is a list of Jsonnet External
|
|
|
+ Variables
|
|
|
+ items:
|
|
|
+ description: JsonnetVar represents a variable
|
|
|
+ to be passed to jsonnet during manifest generation
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ description: Additional library search dirs
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ description: TLAS is a list of Jsonnet Top-level
|
|
|
+ Arguments
|
|
|
+ items:
|
|
|
+ description: JsonnetVar represents a variable
|
|
|
+ to be passed to jsonnet during manifest generation
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ description: Recurse specifies whether to scan a directory
|
|
|
+ recursively for manifests
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ description: Helm holds helm specific options
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ description: FileParameters are file parameters to the
|
|
|
+ helm template
|
|
|
+ items:
|
|
|
+ description: HelmFileParameter is a file parameter
|
|
|
+ that's passed to helm template during manifest generation
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: Name is the name of the Helm parameter
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ description: Path is the path to the file containing
|
|
|
+ the values for the Helm parameter
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ description: IgnoreMissingValueFiles prevents helm template
|
|
|
+ from failing when valueFiles do not exist locally
|
|
|
+ by not appending them to helm template --values
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ description: Parameters is a list of Helm parameters
|
|
|
+ which are passed to the helm template command upon
|
|
|
+ manifest generation
|
|
|
+ items:
|
|
|
+ description: HelmParameter is a parameter that's passed
|
|
|
+ to helm template during manifest generation
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ description: ForceString determines whether to
|
|
|
+ tell Helm to interpret booleans and numbers
|
|
|
+ as strings
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ description: Name is the name of the Helm parameter
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: Value is the value for the Helm parameter
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ description: PassCredentials pass credentials to all
|
|
|
+ domains (Helm's --pass-credentials)
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ description: ReleaseName is the Helm release name to
|
|
|
+ use. If omitted it will use the application name
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ description: SkipCrds skips custom resource definition
|
|
|
+ installation step (Helm's --skip-crds)
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ description: ValuesFiles is a list of Helm value files
|
|
|
+ to use when generating a template
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ description: Values specifies Helm values to be passed
|
|
|
+ to helm template, typically defined as a block
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ description: Version is the Helm version to use for
|
|
|
+ templating ("3")
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ description: Kustomize holds kustomize specific options
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ description: CommonAnnotations is a list of additional
|
|
|
+ annotations to add to rendered manifests
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ description: CommonLabels is a list of additional labels
|
|
|
+ to add to rendered manifests
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ description: ForceCommonAnnotations specifies whether
|
|
|
+ to force applying common annotations to resources
|
|
|
+ for Kustomize apps
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ description: ForceCommonLabels specifies whether to
|
|
|
+ force applying common labels to resources for Kustomize
|
|
|
+ apps
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ description: Images is a list of Kustomize image override
|
|
|
+ specifications
|
|
|
+ items:
|
|
|
+ description: KustomizeImage represents a Kustomize
|
|
|
+ image definition in the format [old_image_name=]<image_name>:<image_tag>
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ description: NamePrefix is a prefix appended to resources
|
|
|
+ for Kustomize apps
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ description: NameSuffix is a suffix appended to resources
|
|
|
+ for Kustomize apps
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ description: Version controls which version of Kustomize
|
|
|
+ to use for rendering manifests
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ description: Path is a directory path within the Git repository,
|
|
|
+ and is only valid for applications sourced from Git.
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ description: Plugin holds config management plugin specific
|
|
|
+ options
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ description: Env is a list of environment variable entries
|
|
|
+ items:
|
|
|
+ description: EnvEntry represents an entry in the application's
|
|
|
+ environment
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: Name is the name of the variable,
|
|
|
+ usually expressed in uppercase
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: Value is the value of the variable
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ description: RepoURL is the URL to the repository (Git or
|
|
|
+ Helm) that contains the application manifests
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ description: TargetRevision defines the revision of the
|
|
|
+ source to sync the application to. In case of Git, this
|
|
|
+ can be commit, tag, or branch. If omitted, will equal
|
|
|
+ to HEAD. In case of Helm, this is a semver tag for the
|
|
|
+ Chart's version.
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - deployedAt
|
|
|
+ - id
|
|
|
+ - revision
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ observedAt:
|
|
|
+ description: 'ObservedAt indicates when the application state was
|
|
|
+ updated without querying latest git state Deprecated: controller
|
|
|
+ no longer updates ObservedAt field'
|
|
|
+ format: date-time
|
|
|
+ type: string
|
|
|
+ operationState:
|
|
|
+ description: OperationState contains information about any ongoing
|
|
|
+ operations, such as a sync
|
|
|
+ properties:
|
|
|
+ finishedAt:
|
|
|
+ description: FinishedAt contains time of operation completion
|
|
|
+ format: date-time
|
|
|
+ type: string
|
|
|
+ message:
|
|
|
+ description: Message holds any pertinent messages when attempting
|
|
|
+ to perform operation (typically errors).
|
|
|
+ type: string
|
|
|
+ operation:
|
|
|
+ description: Operation is the original requested operation
|
|
|
+ properties:
|
|
|
+ info:
|
|
|
+ description: Info is a list of informational items for this
|
|
|
+ operation
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ initiatedBy:
|
|
|
+ description: InitiatedBy contains information about who initiated
|
|
|
+ the operations
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ description: Automated is set to true if operation was
|
|
|
+ initiated automatically by the application controller.
|
|
|
+ type: boolean
|
|
|
+ username:
|
|
|
+ description: Username contains the name of a user who
|
|
|
+ started operation
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ description: Retry controls the strategy to apply if a sync
|
|
|
+ fails
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ description: Backoff controls how to backoff on subsequent
|
|
|
+ retries of failed syncs
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ description: Duration is the amount to back off. Default
|
|
|
+ unit is seconds, but could also be a duration (e.g.
|
|
|
+ "2m", "1h")
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ description: Factor is a factor to multiply the base
|
|
|
+ duration after each failed retry
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ description: MaxDuration is the maximum amount of
|
|
|
+ time allowed for the backoff strategy
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ description: Limit is the maximum number of attempts for
|
|
|
+ retrying a failed sync. If set to 0, no retries will
|
|
|
+ be performed.
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ sync:
|
|
|
+ description: Sync contains parameters for the operation
|
|
|
+ properties:
|
|
|
+ dryRun:
|
|
|
+ description: DryRun specifies to perform a `kubectl apply
|
|
|
+ --dry-run` without actually performing the sync
|
|
|
+ type: boolean
|
|
|
+ manifests:
|
|
|
+ description: Manifests is an optional field that overrides
|
|
|
+ sync source with a local directory for development
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ prune:
|
|
|
+ description: Prune specifies to delete resources from
|
|
|
+ the cluster that are no longer tracked in git
|
|
|
+ type: boolean
|
|
|
+ resources:
|
|
|
+ description: Resources describes which resources shall
|
|
|
+ be part of the sync
|
|
|
+ items:
|
|
|
+ description: SyncOperationResource contains resources
|
|
|
+ to sync.
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ - name
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ revision:
|
|
|
+ description: Revision is the revision (Git) or chart version
|
|
|
+ (Helm) which to sync the application to If omitted,
|
|
|
+ will use the revision specified in app spec.
|
|
|
+ type: string
|
|
|
+ source:
|
|
|
+ description: Source overrides the source definition set
|
|
|
+ in the application. This is typically set in a Rollback
|
|
|
+ operation and is nil during a Sync operation
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ description: Chart is a Helm chart name, and must
|
|
|
+ be specified for applications sourced from a Helm
|
|
|
+ repo.
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ description: Directory holds path/directory specific
|
|
|
+ options
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ description: Exclude contains a glob pattern to
|
|
|
+ match paths against that should be explicitly
|
|
|
+ excluded from being used during manifest generation
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ description: Include contains a glob pattern to
|
|
|
+ match paths against that should be explicitly
|
|
|
+ included during manifest generation
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ description: Jsonnet holds options specific to
|
|
|
+ Jsonnet
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ description: ExtVars is a list of Jsonnet
|
|
|
+ External Variables
|
|
|
+ items:
|
|
|
+ description: JsonnetVar represents a variable
|
|
|
+ to be passed to jsonnet during manifest
|
|
|
+ generation
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ description: Additional library search dirs
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ description: TLAS is a list of Jsonnet Top-level
|
|
|
+ Arguments
|
|
|
+ items:
|
|
|
+ description: JsonnetVar represents a variable
|
|
|
+ to be passed to jsonnet during manifest
|
|
|
+ generation
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ description: Recurse specifies whether to scan
|
|
|
+ a directory recursively for manifests
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ description: Helm holds helm specific options
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ description: FileParameters are file parameters
|
|
|
+ to the helm template
|
|
|
+ items:
|
|
|
+ description: HelmFileParameter is a file parameter
|
|
|
+ that's passed to helm template during manifest
|
|
|
+ generation
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: Name is the name of the Helm
|
|
|
+ parameter
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ description: Path is the path to the file
|
|
|
+ containing the values for the Helm parameter
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ description: IgnoreMissingValueFiles prevents
|
|
|
+ helm template from failing when valueFiles do
|
|
|
+ not exist locally by not appending them to helm
|
|
|
+ template --values
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ description: Parameters is a list of Helm parameters
|
|
|
+ which are passed to the helm template command
|
|
|
+ upon manifest generation
|
|
|
+ items:
|
|
|
+ description: HelmParameter is a parameter that's
|
|
|
+ passed to helm template during manifest generation
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ description: ForceString determines whether
|
|
|
+ to tell Helm to interpret booleans and
|
|
|
+ numbers as strings
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ description: Name is the name of the Helm
|
|
|
+ parameter
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: Value is the value for the
|
|
|
+ Helm parameter
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ description: PassCredentials pass credentials
|
|
|
+ to all domains (Helm's --pass-credentials)
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ description: ReleaseName is the Helm release name
|
|
|
+ to use. If omitted it will use the application
|
|
|
+ name
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ description: SkipCrds skips custom resource definition
|
|
|
+ installation step (Helm's --skip-crds)
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ description: ValuesFiles is a list of Helm value
|
|
|
+ files to use when generating a template
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ description: Values specifies Helm values to be
|
|
|
+ passed to helm template, typically defined as
|
|
|
+ a block
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ description: Version is the Helm version to use
|
|
|
+ for templating ("3")
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ description: Kustomize holds kustomize specific options
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ description: CommonAnnotations is a list of additional
|
|
|
+ annotations to add to rendered manifests
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ description: CommonLabels is a list of additional
|
|
|
+ labels to add to rendered manifests
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ description: ForceCommonAnnotations specifies
|
|
|
+ whether to force applying common annotations
|
|
|
+ to resources for Kustomize apps
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ description: ForceCommonLabels specifies whether
|
|
|
+ to force applying common labels to resources
|
|
|
+ for Kustomize apps
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ description: Images is a list of Kustomize image
|
|
|
+ override specifications
|
|
|
+ items:
|
|
|
+ description: KustomizeImage represents a Kustomize
|
|
|
+ image definition in the format [old_image_name=]<image_name>:<image_tag>
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ description: NamePrefix is a prefix appended to
|
|
|
+ resources for Kustomize apps
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ description: NameSuffix is a suffix appended to
|
|
|
+ resources for Kustomize apps
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ description: Version controls which version of
|
|
|
+ Kustomize to use for rendering manifests
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ description: Path is a directory path within the Git
|
|
|
+ repository, and is only valid for applications sourced
|
|
|
+ from Git.
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ description: Plugin holds config management plugin
|
|
|
+ specific options
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ description: Env is a list of environment variable
|
|
|
+ entries
|
|
|
+ items:
|
|
|
+ description: EnvEntry represents an entry in
|
|
|
+ the application's environment
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: Name is the name of the variable,
|
|
|
+ usually expressed in uppercase
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: Value is the value of the variable
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ description: RepoURL is the URL to the repository
|
|
|
+ (Git or Helm) that contains the application manifests
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ description: TargetRevision defines the revision of
|
|
|
+ the source to sync the application to. In case of
|
|
|
+ Git, this can be commit, tag, or branch. If omitted,
|
|
|
+ will equal to HEAD. In case of Helm, this is a semver
|
|
|
+ tag for the Chart's version.
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ description: SyncOptions provide per-sync sync-options,
|
|
|
+ e.g. Validate=false
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ syncStrategy:
|
|
|
+ description: SyncStrategy describes how to perform the
|
|
|
+ sync
|
|
|
+ properties:
|
|
|
+ apply:
|
|
|
+ description: Apply will perform a `kubectl apply`
|
|
|
+ to perform the sync.
|
|
|
+ properties:
|
|
|
+ force:
|
|
|
+ description: Force indicates whether or not to
|
|
|
+ supply the --force flag to `kubectl apply`.
|
|
|
+ The --force flag deletes and re-create the resource,
|
|
|
+ when PATCH encounters conflict and has retried
|
|
|
+ for 5 times.
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ hook:
|
|
|
+ description: Hook will submit any referenced resources
|
|
|
+ to perform the sync. This is the default strategy
|
|
|
+ properties:
|
|
|
+ force:
|
|
|
+ description: Force indicates whether or not to
|
|
|
+ supply the --force flag to `kubectl apply`.
|
|
|
+ The --force flag deletes and re-create the resource,
|
|
|
+ when PATCH encounters conflict and has retried
|
|
|
+ for 5 times.
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ phase:
|
|
|
+ description: Phase is the current phase of the operation
|
|
|
+ type: string
|
|
|
+ retryCount:
|
|
|
+ description: RetryCount contains time of operation retries
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ startedAt:
|
|
|
+ description: StartedAt contains time of operation start
|
|
|
+ format: date-time
|
|
|
+ type: string
|
|
|
+ syncResult:
|
|
|
+ description: SyncResult is the result of a Sync operation
|
|
|
+ properties:
|
|
|
+ resources:
|
|
|
+ description: Resources contains a list of sync result items
|
|
|
+ for each individual resource in a sync operation
|
|
|
+ items:
|
|
|
+ description: ResourceResult holds the operation result details
|
|
|
+ of a specific resource
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ description: Group specifies the API group of the resource
|
|
|
+ type: string
|
|
|
+ hookPhase:
|
|
|
+ description: HookPhase contains the state of any operation
|
|
|
+ associated with this resource OR hook This can also
|
|
|
+ contain values for non-hook resources.
|
|
|
+ type: string
|
|
|
+ hookType:
|
|
|
+ description: HookType specifies the type of the hook.
|
|
|
+ Empty for non-hook resources
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ description: Kind specifies the API kind of the resource
|
|
|
+ type: string
|
|
|
+ message:
|
|
|
+ description: Message contains an informational or error
|
|
|
+ message for the last sync OR operation
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: Name specifies the name of the resource
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ description: Namespace specifies the target namespace
|
|
|
+ of the resource
|
|
|
+ type: string
|
|
|
+ status:
|
|
|
+ description: Status holds the final result of the sync.
|
|
|
+ Will be empty if the resources is yet to be applied/pruned
|
|
|
+ and is always zero-value for hooks
|
|
|
+ type: string
|
|
|
+ syncPhase:
|
|
|
+ description: SyncPhase indicates the particular phase
|
|
|
+ of the sync that this result was acquired in
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ description: Version specifies the API version of the
|
|
|
+ resource
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - group
|
|
|
+ - kind
|
|
|
+ - name
|
|
|
+ - namespace
|
|
|
+ - version
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ revision:
|
|
|
+ description: Revision holds the revision this sync operation
|
|
|
+ was performed to
|
|
|
+ type: string
|
|
|
+ source:
|
|
|
+ description: Source records the application source information
|
|
|
+ of the sync, used for comparing auto-sync
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ description: Chart is a Helm chart name, and must be specified
|
|
|
+ for applications sourced from a Helm repo.
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ description: Directory holds path/directory specific options
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ description: Exclude contains a glob pattern to match
|
|
|
+ paths against that should be explicitly excluded
|
|
|
+ from being used during manifest generation
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ description: Include contains a glob pattern to match
|
|
|
+ paths against that should be explicitly included
|
|
|
+ during manifest generation
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ description: Jsonnet holds options specific to Jsonnet
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ description: ExtVars is a list of Jsonnet External
|
|
|
+ Variables
|
|
|
+ items:
|
|
|
+ description: JsonnetVar represents a variable
|
|
|
+ to be passed to jsonnet during manifest generation
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ description: Additional library search dirs
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ description: TLAS is a list of Jsonnet Top-level
|
|
|
+ Arguments
|
|
|
+ items:
|
|
|
+ description: JsonnetVar represents a variable
|
|
|
+ to be passed to jsonnet during manifest generation
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ description: Recurse specifies whether to scan a directory
|
|
|
+ recursively for manifests
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ description: Helm holds helm specific options
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ description: FileParameters are file parameters to
|
|
|
+ the helm template
|
|
|
+ items:
|
|
|
+ description: HelmFileParameter is a file parameter
|
|
|
+ that's passed to helm template during manifest
|
|
|
+ generation
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: Name is the name of the Helm parameter
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ description: Path is the path to the file containing
|
|
|
+ the values for the Helm parameter
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ description: IgnoreMissingValueFiles prevents helm
|
|
|
+ template from failing when valueFiles do not exist
|
|
|
+ locally by not appending them to helm template --values
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ description: Parameters is a list of Helm parameters
|
|
|
+ which are passed to the helm template command upon
|
|
|
+ manifest generation
|
|
|
+ items:
|
|
|
+ description: HelmParameter is a parameter that's
|
|
|
+ passed to helm template during manifest generation
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ description: ForceString determines whether
|
|
|
+ to tell Helm to interpret booleans and numbers
|
|
|
+ as strings
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ description: Name is the name of the Helm parameter
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: Value is the value for the Helm
|
|
|
+ parameter
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ description: PassCredentials pass credentials to all
|
|
|
+ domains (Helm's --pass-credentials)
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ description: ReleaseName is the Helm release name
|
|
|
+ to use. If omitted it will use the application name
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ description: SkipCrds skips custom resource definition
|
|
|
+ installation step (Helm's --skip-crds)
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ description: ValuesFiles is a list of Helm value files
|
|
|
+ to use when generating a template
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ description: Values specifies Helm values to be passed
|
|
|
+ to helm template, typically defined as a block
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ description: Version is the Helm version to use for
|
|
|
+ templating ("3")
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ description: Kustomize holds kustomize specific options
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ description: CommonAnnotations is a list of additional
|
|
|
+ annotations to add to rendered manifests
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ description: CommonLabels is a list of additional
|
|
|
+ labels to add to rendered manifests
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ description: ForceCommonAnnotations specifies whether
|
|
|
+ to force applying common annotations to resources
|
|
|
+ for Kustomize apps
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ description: ForceCommonLabels specifies whether to
|
|
|
+ force applying common labels to resources for Kustomize
|
|
|
+ apps
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ description: Images is a list of Kustomize image override
|
|
|
+ specifications
|
|
|
+ items:
|
|
|
+ description: KustomizeImage represents a Kustomize
|
|
|
+ image definition in the format [old_image_name=]<image_name>:<image_tag>
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ description: NamePrefix is a prefix appended to resources
|
|
|
+ for Kustomize apps
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ description: NameSuffix is a suffix appended to resources
|
|
|
+ for Kustomize apps
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ description: Version controls which version of Kustomize
|
|
|
+ to use for rendering manifests
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ description: Path is a directory path within the Git repository,
|
|
|
+ and is only valid for applications sourced from Git.
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ description: Plugin holds config management plugin specific
|
|
|
+ options
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ description: Env is a list of environment variable
|
|
|
+ entries
|
|
|
+ items:
|
|
|
+ description: EnvEntry represents an entry in the
|
|
|
+ application's environment
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: Name is the name of the variable,
|
|
|
+ usually expressed in uppercase
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: Value is the value of the variable
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ description: RepoURL is the URL to the repository (Git
|
|
|
+ or Helm) that contains the application manifests
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ description: TargetRevision defines the revision of the
|
|
|
+ source to sync the application to. In case of Git, this
|
|
|
+ can be commit, tag, or branch. If omitted, will equal
|
|
|
+ to HEAD. In case of Helm, this is a semver tag for the
|
|
|
+ Chart's version.
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - revision
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - operation
|
|
|
+ - phase
|
|
|
+ - startedAt
|
|
|
+ type: object
|
|
|
+ reconciledAt:
|
|
|
+ description: ReconciledAt indicates when the application state was
|
|
|
+ reconciled using the latest git version
|
|
|
+ format: date-time
|
|
|
+ type: string
|
|
|
+ resourceHealthSource:
|
|
|
+ description: 'ResourceHealthSource indicates where the resource health
|
|
|
+ status is stored: inline if not set or appTree'
|
|
|
+ type: string
|
|
|
+ resources:
|
|
|
+ description: Resources is a list of Kubernetes resources managed by
|
|
|
+ this application
|
|
|
+ items:
|
|
|
+ description: 'ResourceStatus holds the current sync and health status
|
|
|
+ of a resource TODO: describe members of this type'
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ health:
|
|
|
+ description: HealthStatus contains information about the currently
|
|
|
+ observed health state of an application or resource
|
|
|
+ properties:
|
|
|
+ message:
|
|
|
+ description: Message is a human-readable informational message
|
|
|
+ describing the health status
|
|
|
+ type: string
|
|
|
+ status:
|
|
|
+ description: Status holds the status code of the application
|
|
|
+ or resource
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ hook:
|
|
|
+ type: boolean
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ requiresPruning:
|
|
|
+ type: boolean
|
|
|
+ status:
|
|
|
+ description: SyncStatusCode is a type which represents possible
|
|
|
+ comparison results
|
|
|
+ type: string
|
|
|
+ syncWave:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ sourceType:
|
|
|
+ description: SourceType specifies the type of this application
|
|
|
+ type: string
|
|
|
+ summary:
|
|
|
+ description: Summary contains a list of URLs and container images
|
|
|
+ used by this application
|
|
|
+ properties:
|
|
|
+ externalURLs:
|
|
|
+ description: ExternalURLs holds all external URLs of application
|
|
|
+ child resources.
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ images:
|
|
|
+ description: Images holds all images of application child resources.
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ sync:
|
|
|
+ description: Sync contains information about the application's current
|
|
|
+ sync status
|
|
|
+ properties:
|
|
|
+ comparedTo:
|
|
|
+ description: ComparedTo contains information about what has been
|
|
|
+ compared
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ description: Destination is a reference to the application's
|
|
|
+ destination used for comparison
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: Name is an alternate way of specifying the
|
|
|
+ target cluster by its symbolic name
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ description: Namespace specifies the target namespace
|
|
|
+ for the application's resources. The namespace will
|
|
|
+ only be set for namespace-scoped resources that have
|
|
|
+ not set a value for .metadata.namespace
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ description: Server specifies the URL of the target cluster
|
|
|
+ and must be set to the Kubernetes control plane API
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ source:
|
|
|
+ description: Source is a reference to the application's source
|
|
|
+ used for comparison
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ description: Chart is a Helm chart name, and must be specified
|
|
|
+ for applications sourced from a Helm repo.
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ description: Directory holds path/directory specific options
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ description: Exclude contains a glob pattern to match
|
|
|
+ paths against that should be explicitly excluded
|
|
|
+ from being used during manifest generation
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ description: Include contains a glob pattern to match
|
|
|
+ paths against that should be explicitly included
|
|
|
+ during manifest generation
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ description: Jsonnet holds options specific to Jsonnet
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ description: ExtVars is a list of Jsonnet External
|
|
|
+ Variables
|
|
|
+ items:
|
|
|
+ description: JsonnetVar represents a variable
|
|
|
+ to be passed to jsonnet during manifest generation
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ description: Additional library search dirs
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ description: TLAS is a list of Jsonnet Top-level
|
|
|
+ Arguments
|
|
|
+ items:
|
|
|
+ description: JsonnetVar represents a variable
|
|
|
+ to be passed to jsonnet during manifest generation
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ description: Recurse specifies whether to scan a directory
|
|
|
+ recursively for manifests
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ description: Helm holds helm specific options
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ description: FileParameters are file parameters to
|
|
|
+ the helm template
|
|
|
+ items:
|
|
|
+ description: HelmFileParameter is a file parameter
|
|
|
+ that's passed to helm template during manifest
|
|
|
+ generation
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: Name is the name of the Helm parameter
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ description: Path is the path to the file containing
|
|
|
+ the values for the Helm parameter
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ description: IgnoreMissingValueFiles prevents helm
|
|
|
+ template from failing when valueFiles do not exist
|
|
|
+ locally by not appending them to helm template --values
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ description: Parameters is a list of Helm parameters
|
|
|
+ which are passed to the helm template command upon
|
|
|
+ manifest generation
|
|
|
+ items:
|
|
|
+ description: HelmParameter is a parameter that's
|
|
|
+ passed to helm template during manifest generation
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ description: ForceString determines whether
|
|
|
+ to tell Helm to interpret booleans and numbers
|
|
|
+ as strings
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ description: Name is the name of the Helm parameter
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: Value is the value for the Helm
|
|
|
+ parameter
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ description: PassCredentials pass credentials to all
|
|
|
+ domains (Helm's --pass-credentials)
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ description: ReleaseName is the Helm release name
|
|
|
+ to use. If omitted it will use the application name
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ description: SkipCrds skips custom resource definition
|
|
|
+ installation step (Helm's --skip-crds)
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ description: ValuesFiles is a list of Helm value files
|
|
|
+ to use when generating a template
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ description: Values specifies Helm values to be passed
|
|
|
+ to helm template, typically defined as a block
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ description: Version is the Helm version to use for
|
|
|
+ templating ("3")
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ description: Kustomize holds kustomize specific options
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ description: CommonAnnotations is a list of additional
|
|
|
+ annotations to add to rendered manifests
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ description: CommonLabels is a list of additional
|
|
|
+ labels to add to rendered manifests
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ description: ForceCommonAnnotations specifies whether
|
|
|
+ to force applying common annotations to resources
|
|
|
+ for Kustomize apps
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ description: ForceCommonLabels specifies whether to
|
|
|
+ force applying common labels to resources for Kustomize
|
|
|
+ apps
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ description: Images is a list of Kustomize image override
|
|
|
+ specifications
|
|
|
+ items:
|
|
|
+ description: KustomizeImage represents a Kustomize
|
|
|
+ image definition in the format [old_image_name=]<image_name>:<image_tag>
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ description: NamePrefix is a prefix appended to resources
|
|
|
+ for Kustomize apps
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ description: NameSuffix is a suffix appended to resources
|
|
|
+ for Kustomize apps
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ description: Version controls which version of Kustomize
|
|
|
+ to use for rendering manifests
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ description: Path is a directory path within the Git repository,
|
|
|
+ and is only valid for applications sourced from Git.
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ description: Plugin holds config management plugin specific
|
|
|
+ options
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ description: Env is a list of environment variable
|
|
|
+ entries
|
|
|
+ items:
|
|
|
+ description: EnvEntry represents an entry in the
|
|
|
+ application's environment
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: Name is the name of the variable,
|
|
|
+ usually expressed in uppercase
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: Value is the value of the variable
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ description: RepoURL is the URL to the repository (Git
|
|
|
+ or Helm) that contains the application manifests
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ description: TargetRevision defines the revision of the
|
|
|
+ source to sync the application to. In case of Git, this
|
|
|
+ can be commit, tag, or branch. If omitted, will equal
|
|
|
+ to HEAD. In case of Helm, this is a semver tag for the
|
|
|
+ Chart's version.
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ revision:
|
|
|
+ description: Revision contains information about the revision
|
|
|
+ the comparison has been performed to
|
|
|
+ type: string
|
|
|
+ status:
|
|
|
+ description: Status is the sync state of the comparison
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - status
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ served: true
|
|
|
+ storage: true
|
|
|
+ subresources: {}
|
|
|
+---
|
|
|
+apiVersion: apiextensions.k8s.io/v1
|
|
|
+kind: CustomResourceDefinition
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: applicationsets.argoproj.io
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: applicationsets.argoproj.io
|
|
|
+spec:
|
|
|
+ group: argoproj.io
|
|
|
+ names:
|
|
|
+ kind: ApplicationSet
|
|
|
+ listKind: ApplicationSetList
|
|
|
+ plural: applicationsets
|
|
|
+ shortNames:
|
|
|
+ - appset
|
|
|
+ - appsets
|
|
|
+ singular: applicationset
|
|
|
+ scope: Namespaced
|
|
|
+ versions:
|
|
|
+ - name: v1alpha1
|
|
|
+ schema:
|
|
|
+ openAPIV3Schema:
|
|
|
+ properties:
|
|
|
+ apiVersion:
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ metadata:
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ generators:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ clusterDecisionResource:
|
|
|
+ properties:
|
|
|
+ configMapRef:
|
|
|
+ type: string
|
|
|
+ labelSelector:
|
|
|
+ properties:
|
|
|
+ matchExpressions:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ operator:
|
|
|
+ type: string
|
|
|
+ values:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - operator
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ matchLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ requeueAfterSeconds:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ values:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - configMapRef
|
|
|
+ type: object
|
|
|
+ clusters:
|
|
|
+ properties:
|
|
|
+ selector:
|
|
|
+ properties:
|
|
|
+ matchExpressions:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ operator:
|
|
|
+ type: string
|
|
|
+ values:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - operator
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ matchLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ values:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ git:
|
|
|
+ properties:
|
|
|
+ directories:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: boolean
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - path
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ files:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - path
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ requeueAfterSeconds:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ revision:
|
|
|
+ type: string
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ - revision
|
|
|
+ type: object
|
|
|
+ list:
|
|
|
+ properties:
|
|
|
+ elements:
|
|
|
+ items:
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ type: array
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - elements
|
|
|
+ type: object
|
|
|
+ matrix:
|
|
|
+ properties:
|
|
|
+ generators:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ clusterDecisionResource:
|
|
|
+ properties:
|
|
|
+ configMapRef:
|
|
|
+ type: string
|
|
|
+ labelSelector:
|
|
|
+ properties:
|
|
|
+ matchExpressions:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ operator:
|
|
|
+ type: string
|
|
|
+ values:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - operator
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ matchLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ requeueAfterSeconds:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ values:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - configMapRef
|
|
|
+ type: object
|
|
|
+ clusters:
|
|
|
+ properties:
|
|
|
+ selector:
|
|
|
+ properties:
|
|
|
+ matchExpressions:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ operator:
|
|
|
+ type: string
|
|
|
+ values:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - operator
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ matchLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ values:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ git:
|
|
|
+ properties:
|
|
|
+ directories:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: boolean
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - path
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ files:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - path
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ requeueAfterSeconds:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ revision:
|
|
|
+ type: string
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ - revision
|
|
|
+ type: object
|
|
|
+ list:
|
|
|
+ properties:
|
|
|
+ elements:
|
|
|
+ items:
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ type: array
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - elements
|
|
|
+ type: object
|
|
|
+ matrix:
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ merge:
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ pullRequest:
|
|
|
+ properties:
|
|
|
+ bitbucketServer:
|
|
|
+ properties:
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ basicAuth:
|
|
|
+ properties:
|
|
|
+ passwordRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ username:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - passwordRef
|
|
|
+ - username
|
|
|
+ type: object
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ repo:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - api
|
|
|
+ - project
|
|
|
+ - repo
|
|
|
+ type: object
|
|
|
+ filters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ branchMatch:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ gitea:
|
|
|
+ properties:
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ insecure:
|
|
|
+ type: boolean
|
|
|
+ owner:
|
|
|
+ type: string
|
|
|
+ repo:
|
|
|
+ type: string
|
|
|
+ tokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - api
|
|
|
+ - owner
|
|
|
+ - repo
|
|
|
+ type: object
|
|
|
+ github:
|
|
|
+ properties:
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ appSecretName:
|
|
|
+ type: string
|
|
|
+ labels:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ owner:
|
|
|
+ type: string
|
|
|
+ repo:
|
|
|
+ type: string
|
|
|
+ tokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - owner
|
|
|
+ - repo
|
|
|
+ type: object
|
|
|
+ gitlab:
|
|
|
+ properties:
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ labels:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ pullRequestState:
|
|
|
+ type: string
|
|
|
+ tokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - project
|
|
|
+ type: object
|
|
|
+ requeueAfterSeconds:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ scmProvider:
|
|
|
+ properties:
|
|
|
+ azureDevOps:
|
|
|
+ properties:
|
|
|
+ accessTokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ allBranches:
|
|
|
+ type: boolean
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ organization:
|
|
|
+ type: string
|
|
|
+ teamProject:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - accessTokenRef
|
|
|
+ - organization
|
|
|
+ - teamProject
|
|
|
+ type: object
|
|
|
+ bitbucket:
|
|
|
+ properties:
|
|
|
+ allBranches:
|
|
|
+ type: boolean
|
|
|
+ appPasswordRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ owner:
|
|
|
+ type: string
|
|
|
+ user:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - appPasswordRef
|
|
|
+ - owner
|
|
|
+ - user
|
|
|
+ type: object
|
|
|
+ bitbucketServer:
|
|
|
+ properties:
|
|
|
+ allBranches:
|
|
|
+ type: boolean
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ basicAuth:
|
|
|
+ properties:
|
|
|
+ passwordRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ username:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - passwordRef
|
|
|
+ - username
|
|
|
+ type: object
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - api
|
|
|
+ - project
|
|
|
+ type: object
|
|
|
+ cloneProtocol:
|
|
|
+ type: string
|
|
|
+ filters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ branchMatch:
|
|
|
+ type: string
|
|
|
+ labelMatch:
|
|
|
+ type: string
|
|
|
+ pathsDoNotExist:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ pathsExist:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ repositoryMatch:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ gitea:
|
|
|
+ properties:
|
|
|
+ allBranches:
|
|
|
+ type: boolean
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ insecure:
|
|
|
+ type: boolean
|
|
|
+ owner:
|
|
|
+ type: string
|
|
|
+ tokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - api
|
|
|
+ - owner
|
|
|
+ type: object
|
|
|
+ github:
|
|
|
+ properties:
|
|
|
+ allBranches:
|
|
|
+ type: boolean
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ appSecretName:
|
|
|
+ type: string
|
|
|
+ organization:
|
|
|
+ type: string
|
|
|
+ tokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - organization
|
|
|
+ type: object
|
|
|
+ gitlab:
|
|
|
+ properties:
|
|
|
+ allBranches:
|
|
|
+ type: boolean
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ includeSubgroups:
|
|
|
+ type: boolean
|
|
|
+ tokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - group
|
|
|
+ type: object
|
|
|
+ requeueAfterSeconds:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ selector:
|
|
|
+ properties:
|
|
|
+ matchExpressions:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ operator:
|
|
|
+ type: string
|
|
|
+ values:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - operator
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ matchLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - generators
|
|
|
+ type: object
|
|
|
+ merge:
|
|
|
+ properties:
|
|
|
+ generators:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ clusterDecisionResource:
|
|
|
+ properties:
|
|
|
+ configMapRef:
|
|
|
+ type: string
|
|
|
+ labelSelector:
|
|
|
+ properties:
|
|
|
+ matchExpressions:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ operator:
|
|
|
+ type: string
|
|
|
+ values:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - operator
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ matchLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ requeueAfterSeconds:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ values:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - configMapRef
|
|
|
+ type: object
|
|
|
+ clusters:
|
|
|
+ properties:
|
|
|
+ selector:
|
|
|
+ properties:
|
|
|
+ matchExpressions:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ operator:
|
|
|
+ type: string
|
|
|
+ values:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - operator
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ matchLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ values:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ git:
|
|
|
+ properties:
|
|
|
+ directories:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: boolean
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - path
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ files:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - path
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ requeueAfterSeconds:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ revision:
|
|
|
+ type: string
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ - revision
|
|
|
+ type: object
|
|
|
+ list:
|
|
|
+ properties:
|
|
|
+ elements:
|
|
|
+ items:
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ type: array
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - elements
|
|
|
+ type: object
|
|
|
+ matrix:
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ merge:
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ pullRequest:
|
|
|
+ properties:
|
|
|
+ bitbucketServer:
|
|
|
+ properties:
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ basicAuth:
|
|
|
+ properties:
|
|
|
+ passwordRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ username:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - passwordRef
|
|
|
+ - username
|
|
|
+ type: object
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ repo:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - api
|
|
|
+ - project
|
|
|
+ - repo
|
|
|
+ type: object
|
|
|
+ filters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ branchMatch:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ gitea:
|
|
|
+ properties:
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ insecure:
|
|
|
+ type: boolean
|
|
|
+ owner:
|
|
|
+ type: string
|
|
|
+ repo:
|
|
|
+ type: string
|
|
|
+ tokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - api
|
|
|
+ - owner
|
|
|
+ - repo
|
|
|
+ type: object
|
|
|
+ github:
|
|
|
+ properties:
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ appSecretName:
|
|
|
+ type: string
|
|
|
+ labels:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ owner:
|
|
|
+ type: string
|
|
|
+ repo:
|
|
|
+ type: string
|
|
|
+ tokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - owner
|
|
|
+ - repo
|
|
|
+ type: object
|
|
|
+ gitlab:
|
|
|
+ properties:
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ labels:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ pullRequestState:
|
|
|
+ type: string
|
|
|
+ tokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - project
|
|
|
+ type: object
|
|
|
+ requeueAfterSeconds:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ scmProvider:
|
|
|
+ properties:
|
|
|
+ azureDevOps:
|
|
|
+ properties:
|
|
|
+ accessTokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ allBranches:
|
|
|
+ type: boolean
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ organization:
|
|
|
+ type: string
|
|
|
+ teamProject:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - accessTokenRef
|
|
|
+ - organization
|
|
|
+ - teamProject
|
|
|
+ type: object
|
|
|
+ bitbucket:
|
|
|
+ properties:
|
|
|
+ allBranches:
|
|
|
+ type: boolean
|
|
|
+ appPasswordRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ owner:
|
|
|
+ type: string
|
|
|
+ user:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - appPasswordRef
|
|
|
+ - owner
|
|
|
+ - user
|
|
|
+ type: object
|
|
|
+ bitbucketServer:
|
|
|
+ properties:
|
|
|
+ allBranches:
|
|
|
+ type: boolean
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ basicAuth:
|
|
|
+ properties:
|
|
|
+ passwordRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ username:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - passwordRef
|
|
|
+ - username
|
|
|
+ type: object
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - api
|
|
|
+ - project
|
|
|
+ type: object
|
|
|
+ cloneProtocol:
|
|
|
+ type: string
|
|
|
+ filters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ branchMatch:
|
|
|
+ type: string
|
|
|
+ labelMatch:
|
|
|
+ type: string
|
|
|
+ pathsDoNotExist:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ pathsExist:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ repositoryMatch:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ gitea:
|
|
|
+ properties:
|
|
|
+ allBranches:
|
|
|
+ type: boolean
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ insecure:
|
|
|
+ type: boolean
|
|
|
+ owner:
|
|
|
+ type: string
|
|
|
+ tokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - api
|
|
|
+ - owner
|
|
|
+ type: object
|
|
|
+ github:
|
|
|
+ properties:
|
|
|
+ allBranches:
|
|
|
+ type: boolean
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ appSecretName:
|
|
|
+ type: string
|
|
|
+ organization:
|
|
|
+ type: string
|
|
|
+ tokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - organization
|
|
|
+ type: object
|
|
|
+ gitlab:
|
|
|
+ properties:
|
|
|
+ allBranches:
|
|
|
+ type: boolean
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ includeSubgroups:
|
|
|
+ type: boolean
|
|
|
+ tokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - group
|
|
|
+ type: object
|
|
|
+ requeueAfterSeconds:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ selector:
|
|
|
+ properties:
|
|
|
+ matchExpressions:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ operator:
|
|
|
+ type: string
|
|
|
+ values:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - operator
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ matchLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ mergeKeys:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - generators
|
|
|
+ - mergeKeys
|
|
|
+ type: object
|
|
|
+ pullRequest:
|
|
|
+ properties:
|
|
|
+ bitbucketServer:
|
|
|
+ properties:
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ basicAuth:
|
|
|
+ properties:
|
|
|
+ passwordRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ username:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - passwordRef
|
|
|
+ - username
|
|
|
+ type: object
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ repo:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - api
|
|
|
+ - project
|
|
|
+ - repo
|
|
|
+ type: object
|
|
|
+ filters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ branchMatch:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ gitea:
|
|
|
+ properties:
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ insecure:
|
|
|
+ type: boolean
|
|
|
+ owner:
|
|
|
+ type: string
|
|
|
+ repo:
|
|
|
+ type: string
|
|
|
+ tokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - api
|
|
|
+ - owner
|
|
|
+ - repo
|
|
|
+ type: object
|
|
|
+ github:
|
|
|
+ properties:
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ appSecretName:
|
|
|
+ type: string
|
|
|
+ labels:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ owner:
|
|
|
+ type: string
|
|
|
+ repo:
|
|
|
+ type: string
|
|
|
+ tokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - owner
|
|
|
+ - repo
|
|
|
+ type: object
|
|
|
+ gitlab:
|
|
|
+ properties:
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ labels:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ pullRequestState:
|
|
|
+ type: string
|
|
|
+ tokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - project
|
|
|
+ type: object
|
|
|
+ requeueAfterSeconds:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ scmProvider:
|
|
|
+ properties:
|
|
|
+ azureDevOps:
|
|
|
+ properties:
|
|
|
+ accessTokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ allBranches:
|
|
|
+ type: boolean
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ organization:
|
|
|
+ type: string
|
|
|
+ teamProject:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - accessTokenRef
|
|
|
+ - organization
|
|
|
+ - teamProject
|
|
|
+ type: object
|
|
|
+ bitbucket:
|
|
|
+ properties:
|
|
|
+ allBranches:
|
|
|
+ type: boolean
|
|
|
+ appPasswordRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ owner:
|
|
|
+ type: string
|
|
|
+ user:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - appPasswordRef
|
|
|
+ - owner
|
|
|
+ - user
|
|
|
+ type: object
|
|
|
+ bitbucketServer:
|
|
|
+ properties:
|
|
|
+ allBranches:
|
|
|
+ type: boolean
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ basicAuth:
|
|
|
+ properties:
|
|
|
+ passwordRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ username:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - passwordRef
|
|
|
+ - username
|
|
|
+ type: object
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - api
|
|
|
+ - project
|
|
|
+ type: object
|
|
|
+ cloneProtocol:
|
|
|
+ type: string
|
|
|
+ filters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ branchMatch:
|
|
|
+ type: string
|
|
|
+ labelMatch:
|
|
|
+ type: string
|
|
|
+ pathsDoNotExist:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ pathsExist:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ repositoryMatch:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ gitea:
|
|
|
+ properties:
|
|
|
+ allBranches:
|
|
|
+ type: boolean
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ insecure:
|
|
|
+ type: boolean
|
|
|
+ owner:
|
|
|
+ type: string
|
|
|
+ tokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - api
|
|
|
+ - owner
|
|
|
+ type: object
|
|
|
+ github:
|
|
|
+ properties:
|
|
|
+ allBranches:
|
|
|
+ type: boolean
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ appSecretName:
|
|
|
+ type: string
|
|
|
+ organization:
|
|
|
+ type: string
|
|
|
+ tokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - organization
|
|
|
+ type: object
|
|
|
+ gitlab:
|
|
|
+ properties:
|
|
|
+ allBranches:
|
|
|
+ type: boolean
|
|
|
+ api:
|
|
|
+ type: string
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ includeSubgroups:
|
|
|
+ type: boolean
|
|
|
+ tokenRef:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ secretName:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - secretName
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - group
|
|
|
+ type: object
|
|
|
+ requeueAfterSeconds:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ selector:
|
|
|
+ properties:
|
|
|
+ matchExpressions:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ type: string
|
|
|
+ operator:
|
|
|
+ type: string
|
|
|
+ values:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - operator
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ matchLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ goTemplate:
|
|
|
+ type: boolean
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ preserveResourcesOnDeletion:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ template:
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ finalizers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ properties:
|
|
|
+ destination:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ ignoreDifferences:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ jqPathExpressions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jsonPointers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ managedFieldsManagers:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ info:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ project:
|
|
|
+ type: string
|
|
|
+ revisionHistoryLimit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ source:
|
|
|
+ properties:
|
|
|
+ chart:
|
|
|
+ type: string
|
|
|
+ directory:
|
|
|
+ properties:
|
|
|
+ exclude:
|
|
|
+ type: string
|
|
|
+ include:
|
|
|
+ type: string
|
|
|
+ jsonnet:
|
|
|
+ properties:
|
|
|
+ extVars:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ libs:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ tlas:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ code:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ recurse:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ helm:
|
|
|
+ properties:
|
|
|
+ fileParameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ ignoreMissingValueFiles:
|
|
|
+ type: boolean
|
|
|
+ parameters:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ forceString:
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ passCredentials:
|
|
|
+ type: boolean
|
|
|
+ releaseName:
|
|
|
+ type: string
|
|
|
+ skipCrds:
|
|
|
+ type: boolean
|
|
|
+ valueFiles:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ values:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ kustomize:
|
|
|
+ properties:
|
|
|
+ commonAnnotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ commonLabels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ forceCommonAnnotations:
|
|
|
+ type: boolean
|
|
|
+ forceCommonLabels:
|
|
|
+ type: boolean
|
|
|
+ images:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ namePrefix:
|
|
|
+ type: string
|
|
|
+ nameSuffix:
|
|
|
+ type: string
|
|
|
+ version:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ path:
|
|
|
+ type: string
|
|
|
+ plugin:
|
|
|
+ properties:
|
|
|
+ env:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ repoURL:
|
|
|
+ type: string
|
|
|
+ targetRevision:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - repoURL
|
|
|
+ type: object
|
|
|
+ syncPolicy:
|
|
|
+ properties:
|
|
|
+ automated:
|
|
|
+ properties:
|
|
|
+ allowEmpty:
|
|
|
+ type: boolean
|
|
|
+ prune:
|
|
|
+ type: boolean
|
|
|
+ selfHeal:
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ managedNamespaceMetadata:
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ labels:
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ retry:
|
|
|
+ properties:
|
|
|
+ backoff:
|
|
|
+ properties:
|
|
|
+ duration:
|
|
|
+ type: string
|
|
|
+ factor:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ maxDuration:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ limit:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ type: object
|
|
|
+ syncOptions:
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - destination
|
|
|
+ - project
|
|
|
+ - source
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - generators
|
|
|
+ - template
|
|
|
+ type: object
|
|
|
+ status:
|
|
|
+ properties:
|
|
|
+ conditions:
|
|
|
+ items:
|
|
|
+ properties:
|
|
|
+ lastTransitionTime:
|
|
|
+ format: date-time
|
|
|
+ type: string
|
|
|
+ message:
|
|
|
+ type: string
|
|
|
+ reason:
|
|
|
+ type: string
|
|
|
+ status:
|
|
|
+ type: string
|
|
|
+ type:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - message
|
|
|
+ - reason
|
|
|
+ - status
|
|
|
+ - type
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ served: true
|
|
|
+ storage: true
|
|
|
+ subresources:
|
|
|
+ status: {}
|
|
|
+---
|
|
|
+apiVersion: apiextensions.k8s.io/v1
|
|
|
+kind: CustomResourceDefinition
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: appprojects.argoproj.io
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: appprojects.argoproj.io
|
|
|
+spec:
|
|
|
+ group: argoproj.io
|
|
|
+ names:
|
|
|
+ kind: AppProject
|
|
|
+ listKind: AppProjectList
|
|
|
+ plural: appprojects
|
|
|
+ shortNames:
|
|
|
+ - appproj
|
|
|
+ - appprojs
|
|
|
+ singular: appproject
|
|
|
+ scope: Namespaced
|
|
|
+ versions:
|
|
|
+ - name: v1alpha1
|
|
|
+ schema:
|
|
|
+ openAPIV3Schema:
|
|
|
+ description: 'AppProject provides a logical grouping of applications, providing
|
|
|
+ controls for: * where the apps may deploy to (cluster whitelist) * what
|
|
|
+ may be deployed (repository whitelist, resource whitelist/blacklist) * who
|
|
|
+ can access these applications (roles, OIDC group claims bindings) * and
|
|
|
+ what they can do (RBAC policies) * automation access to these roles (JWT
|
|
|
+ tokens)'
|
|
|
+ properties:
|
|
|
+ apiVersion:
|
|
|
+ description: 'APIVersion defines the versioned schema of this representation
|
|
|
+ of an object. Servers should convert recognized schemas to the latest
|
|
|
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ description: 'Kind is a string value representing the REST resource this
|
|
|
+ object represents. Servers may infer this from the endpoint the client
|
|
|
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
|
+ type: string
|
|
|
+ metadata:
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ description: AppProjectSpec is the specification of an AppProject
|
|
|
+ properties:
|
|
|
+ clusterResourceBlacklist:
|
|
|
+ description: ClusterResourceBlacklist contains list of blacklisted
|
|
|
+ cluster level resources
|
|
|
+ items:
|
|
|
+ description: GroupKind specifies a Group and a Kind, but does not
|
|
|
+ force a version. This is useful for identifying concepts during
|
|
|
+ lookup stages without having partially valid types
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - group
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ clusterResourceWhitelist:
|
|
|
+ description: ClusterResourceWhitelist contains list of whitelisted
|
|
|
+ cluster level resources
|
|
|
+ items:
|
|
|
+ description: GroupKind specifies a Group and a Kind, but does not
|
|
|
+ force a version. This is useful for identifying concepts during
|
|
|
+ lookup stages without having partially valid types
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - group
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ description:
|
|
|
+ description: Description contains optional project description
|
|
|
+ type: string
|
|
|
+ destinations:
|
|
|
+ description: Destinations contains list of destinations available
|
|
|
+ for deployment
|
|
|
+ items:
|
|
|
+ description: ApplicationDestination holds information about the
|
|
|
+ application's destination
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: Name is an alternate way of specifying the target
|
|
|
+ cluster by its symbolic name
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ description: Namespace specifies the target namespace for the
|
|
|
+ application's resources. The namespace will only be set for
|
|
|
+ namespace-scoped resources that have not set a value for .metadata.namespace
|
|
|
+ type: string
|
|
|
+ server:
|
|
|
+ description: Server specifies the URL of the target cluster
|
|
|
+ and must be set to the Kubernetes control plane API
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ namespaceResourceBlacklist:
|
|
|
+ description: NamespaceResourceBlacklist contains list of blacklisted
|
|
|
+ namespace level resources
|
|
|
+ items:
|
|
|
+ description: GroupKind specifies a Group and a Kind, but does not
|
|
|
+ force a version. This is useful for identifying concepts during
|
|
|
+ lookup stages without having partially valid types
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - group
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ namespaceResourceWhitelist:
|
|
|
+ description: NamespaceResourceWhitelist contains list of whitelisted
|
|
|
+ namespace level resources
|
|
|
+ items:
|
|
|
+ description: GroupKind specifies a Group and a Kind, but does not
|
|
|
+ force a version. This is useful for identifying concepts during
|
|
|
+ lookup stages without having partially valid types
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - group
|
|
|
+ - kind
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ orphanedResources:
|
|
|
+ description: OrphanedResources specifies if controller should monitor
|
|
|
+ orphaned resources of apps in this project
|
|
|
+ properties:
|
|
|
+ ignore:
|
|
|
+ description: Ignore contains a list of resources that are to be
|
|
|
+ excluded from orphaned resources monitoring
|
|
|
+ items:
|
|
|
+ description: OrphanedResourceKey is a reference to a resource
|
|
|
+ to be ignored from
|
|
|
+ properties:
|
|
|
+ group:
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ warn:
|
|
|
+ description: Warn indicates if warning condition should be created
|
|
|
+ for apps which have orphaned resources
|
|
|
+ type: boolean
|
|
|
+ type: object
|
|
|
+ permitOnlyProjectScopedClusters:
|
|
|
+ description: PermitOnlyProjectScopedClusters determines whether destinations
|
|
|
+ can only reference clusters which are project-scoped
|
|
|
+ type: boolean
|
|
|
+ roles:
|
|
|
+ description: Roles are user defined RBAC roles associated with this
|
|
|
+ project
|
|
|
+ items:
|
|
|
+ description: ProjectRole represents a role that has access to a
|
|
|
+ project
|
|
|
+ properties:
|
|
|
+ description:
|
|
|
+ description: Description is a description of the role
|
|
|
+ type: string
|
|
|
+ groups:
|
|
|
+ description: Groups are a list of OIDC group claims bound to
|
|
|
+ this role
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ jwtTokens:
|
|
|
+ description: JWTTokens are a list of generated JWT tokens bound
|
|
|
+ to this role
|
|
|
+ items:
|
|
|
+ description: JWTToken holds the issuedAt and expiresAt values
|
|
|
+ of a token
|
|
|
+ properties:
|
|
|
+ exp:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ iat:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ id:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - iat
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ name:
|
|
|
+ description: Name is a name for this role
|
|
|
+ type: string
|
|
|
+ policies:
|
|
|
+ description: Policies Stores a list of casbin formatted strings
|
|
|
+ that define access policies for the role in the project
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ signatureKeys:
|
|
|
+ description: SignatureKeys contains a list of PGP key IDs that commits
|
|
|
+ in Git must be signed with in order to be allowed for sync
|
|
|
+ items:
|
|
|
+ description: SignatureKey is the specification of a key required
|
|
|
+ to verify commit signatures with
|
|
|
+ properties:
|
|
|
+ keyID:
|
|
|
+ description: The ID of the key in hexadecimal notation
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - keyID
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ sourceNamespaces:
|
|
|
+ description: SourceNamespaces defines the namespaces application resources
|
|
|
+ are allowed to be created in
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ sourceRepos:
|
|
|
+ description: SourceRepos contains list of repository URLs which can
|
|
|
+ be used for deployment
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ syncWindows:
|
|
|
+ description: SyncWindows controls when syncs can be run for apps in
|
|
|
+ this project
|
|
|
+ items:
|
|
|
+ description: SyncWindow contains the kind, time, duration and attributes
|
|
|
+ that are used to assign the syncWindows to apps
|
|
|
+ properties:
|
|
|
+ applications:
|
|
|
+ description: Applications contains a list of applications that
|
|
|
+ the window will apply to
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ clusters:
|
|
|
+ description: Clusters contains a list of clusters that the window
|
|
|
+ will apply to
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ duration:
|
|
|
+ description: Duration is the amount of time the sync window
|
|
|
+ will be open
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ description: Kind defines if the window allows or blocks syncs
|
|
|
+ type: string
|
|
|
+ manualSync:
|
|
|
+ description: ManualSync enables manual syncs when they would
|
|
|
+ otherwise be blocked
|
|
|
+ type: boolean
|
|
|
+ namespaces:
|
|
|
+ description: Namespaces contains a list of namespaces that the
|
|
|
+ window will apply to
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ type: array
|
|
|
+ schedule:
|
|
|
+ description: Schedule is the time the window will begin, specified
|
|
|
+ in cron format
|
|
|
+ type: string
|
|
|
+ timeZone:
|
|
|
+ description: TimeZone of the sync that will be applied to the
|
|
|
+ schedule
|
|
|
+ type: string
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ status:
|
|
|
+ description: AppProjectStatus contains status information for AppProject
|
|
|
+ CRs
|
|
|
+ properties:
|
|
|
+ jwtTokensByRole:
|
|
|
+ additionalProperties:
|
|
|
+ description: JWTTokens represents a list of JWT tokens
|
|
|
+ properties:
|
|
|
+ items:
|
|
|
+ items:
|
|
|
+ description: JWTToken holds the issuedAt and expiresAt values
|
|
|
+ of a token
|
|
|
+ properties:
|
|
|
+ exp:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ iat:
|
|
|
+ format: int64
|
|
|
+ type: integer
|
|
|
+ id:
|
|
|
+ type: string
|
|
|
+ required:
|
|
|
+ - iat
|
|
|
+ type: object
|
|
|
+ type: array
|
|
|
+ type: object
|
|
|
+ description: JWTTokensByRole contains a list of JWT tokens issued
|
|
|
+ for a given role
|
|
|
+ type: object
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metadata
|
|
|
+ - spec
|
|
|
+ type: object
|
|
|
+ served: true
|
|
|
+ storage: true
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: ServiceAccount
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: application-controller
|
|
|
+ app.kubernetes.io/name: argocd-application-controller
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-application-controller
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: ServiceAccount
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: controller
|
|
|
+ app.kubernetes.io/name: argocd-applicationset-controller
|
|
|
+ app.kubernetes.io/part-of: argocd-applicationset
|
|
|
+ name: argocd-applicationset-controller
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: ServiceAccount
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: dex-server
|
|
|
+ app.kubernetes.io/name: argocd-dex-server
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-dex-server
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: ServiceAccount
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: notifications-controller
|
|
|
+ app.kubernetes.io/name: argocd-notifications-controller
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-notifications-controller
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: ServiceAccount
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: redis
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-redis-ha
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: ServiceAccount
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: redis
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha-haproxy
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-redis-ha-haproxy
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: ServiceAccount
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: repo-server
|
|
|
+ app.kubernetes.io/name: argocd-repo-server
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-repo-server
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: ServiceAccount
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: server
|
|
|
+ app.kubernetes.io/name: argocd-server
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-server
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: Role
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: application-controller
|
|
|
+ app.kubernetes.io/name: argocd-application-controller
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-application-controller
|
|
|
+rules:
|
|
|
+- apiGroups:
|
|
|
+ - ""
|
|
|
+ resources:
|
|
|
+ - secrets
|
|
|
+ - configmaps
|
|
|
+ verbs:
|
|
|
+ - get
|
|
|
+ - list
|
|
|
+ - watch
|
|
|
+- apiGroups:
|
|
|
+ - argoproj.io
|
|
|
+ resources:
|
|
|
+ - applications
|
|
|
+ - appprojects
|
|
|
+ verbs:
|
|
|
+ - create
|
|
|
+ - get
|
|
|
+ - list
|
|
|
+ - watch
|
|
|
+ - update
|
|
|
+ - patch
|
|
|
+ - delete
|
|
|
+- apiGroups:
|
|
|
+ - ""
|
|
|
+ resources:
|
|
|
+ - events
|
|
|
+ verbs:
|
|
|
+ - create
|
|
|
+ - list
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: Role
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: controller
|
|
|
+ app.kubernetes.io/name: argocd-applicationset-controller
|
|
|
+ app.kubernetes.io/part-of: argocd-applicationset
|
|
|
+ name: argocd-applicationset-controller
|
|
|
+rules:
|
|
|
+- apiGroups:
|
|
|
+ - argoproj.io
|
|
|
+ resources:
|
|
|
+ - applications
|
|
|
+ - applicationsets
|
|
|
+ - applicationsets/finalizers
|
|
|
+ verbs:
|
|
|
+ - create
|
|
|
+ - delete
|
|
|
+ - get
|
|
|
+ - list
|
|
|
+ - patch
|
|
|
+ - update
|
|
|
+ - watch
|
|
|
+- apiGroups:
|
|
|
+ - argoproj.io
|
|
|
+ resources:
|
|
|
+ - appprojects
|
|
|
+ verbs:
|
|
|
+ - get
|
|
|
+- apiGroups:
|
|
|
+ - argoproj.io
|
|
|
+ resources:
|
|
|
+ - applicationsets/status
|
|
|
+ verbs:
|
|
|
+ - get
|
|
|
+ - patch
|
|
|
+ - update
|
|
|
+- apiGroups:
|
|
|
+ - ""
|
|
|
+ resources:
|
|
|
+ - events
|
|
|
+ verbs:
|
|
|
+ - create
|
|
|
+ - get
|
|
|
+ - list
|
|
|
+ - patch
|
|
|
+ - watch
|
|
|
+- apiGroups:
|
|
|
+ - ""
|
|
|
+ resources:
|
|
|
+ - secrets
|
|
|
+ - configmaps
|
|
|
+ verbs:
|
|
|
+ - get
|
|
|
+ - list
|
|
|
+ - watch
|
|
|
+- apiGroups:
|
|
|
+ - apps
|
|
|
+ - extensions
|
|
|
+ resources:
|
|
|
+ - deployments
|
|
|
+ verbs:
|
|
|
+ - get
|
|
|
+ - list
|
|
|
+ - watch
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: Role
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: dex-server
|
|
|
+ app.kubernetes.io/name: argocd-dex-server
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-dex-server
|
|
|
+rules:
|
|
|
+- apiGroups:
|
|
|
+ - ""
|
|
|
+ resources:
|
|
|
+ - secrets
|
|
|
+ - configmaps
|
|
|
+ verbs:
|
|
|
+ - get
|
|
|
+ - list
|
|
|
+ - watch
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: Role
|
|
|
+metadata:
|
|
|
+ name: argocd-notifications-controller
|
|
|
+rules:
|
|
|
+- apiGroups:
|
|
|
+ - argoproj.io
|
|
|
+ resources:
|
|
|
+ - applications
|
|
|
+ - appprojects
|
|
|
+ verbs:
|
|
|
+ - get
|
|
|
+ - list
|
|
|
+ - watch
|
|
|
+ - update
|
|
|
+ - patch
|
|
|
+- apiGroups:
|
|
|
+ - ""
|
|
|
+ resources:
|
|
|
+ - configmaps
|
|
|
+ - secrets
|
|
|
+ verbs:
|
|
|
+ - list
|
|
|
+ - watch
|
|
|
+- apiGroups:
|
|
|
+ - ""
|
|
|
+ resourceNames:
|
|
|
+ - argocd-notifications-cm
|
|
|
+ resources:
|
|
|
+ - configmaps
|
|
|
+ verbs:
|
|
|
+ - get
|
|
|
+- apiGroups:
|
|
|
+ - ""
|
|
|
+ resourceNames:
|
|
|
+ - argocd-notifications-secret
|
|
|
+ resources:
|
|
|
+ - secrets
|
|
|
+ verbs:
|
|
|
+ - get
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: Role
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: redis
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-redis-ha
|
|
|
+rules:
|
|
|
+- apiGroups:
|
|
|
+ - ""
|
|
|
+ resources:
|
|
|
+ - endpoints
|
|
|
+ verbs:
|
|
|
+ - get
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: Role
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: redis
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-redis-ha-haproxy
|
|
|
+rules:
|
|
|
+- apiGroups:
|
|
|
+ - ""
|
|
|
+ resources:
|
|
|
+ - endpoints
|
|
|
+ verbs:
|
|
|
+ - get
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: Role
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: server
|
|
|
+ app.kubernetes.io/name: argocd-server
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-server
|
|
|
+rules:
|
|
|
+- apiGroups:
|
|
|
+ - ""
|
|
|
+ resources:
|
|
|
+ - secrets
|
|
|
+ - configmaps
|
|
|
+ verbs:
|
|
|
+ - create
|
|
|
+ - get
|
|
|
+ - list
|
|
|
+ - watch
|
|
|
+ - update
|
|
|
+ - patch
|
|
|
+ - delete
|
|
|
+- apiGroups:
|
|
|
+ - argoproj.io
|
|
|
+ resources:
|
|
|
+ - applications
|
|
|
+ - appprojects
|
|
|
+ - applicationsets
|
|
|
+ verbs:
|
|
|
+ - create
|
|
|
+ - get
|
|
|
+ - list
|
|
|
+ - watch
|
|
|
+ - update
|
|
|
+ - delete
|
|
|
+ - patch
|
|
|
+- apiGroups:
|
|
|
+ - ""
|
|
|
+ resources:
|
|
|
+ - events
|
|
|
+ verbs:
|
|
|
+ - create
|
|
|
+ - list
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: ClusterRole
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: application-controller
|
|
|
+ app.kubernetes.io/name: argocd-application-controller
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-application-controller
|
|
|
+rules:
|
|
|
+- apiGroups:
|
|
|
+ - '*'
|
|
|
+ resources:
|
|
|
+ - '*'
|
|
|
+ verbs:
|
|
|
+ - '*'
|
|
|
+- nonResourceURLs:
|
|
|
+ - '*'
|
|
|
+ verbs:
|
|
|
+ - '*'
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: ClusterRole
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: server
|
|
|
+ app.kubernetes.io/name: argocd-server
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-server
|
|
|
+rules:
|
|
|
+- apiGroups:
|
|
|
+ - '*'
|
|
|
+ resources:
|
|
|
+ - '*'
|
|
|
+ verbs:
|
|
|
+ - delete
|
|
|
+ - get
|
|
|
+ - patch
|
|
|
+- apiGroups:
|
|
|
+ - ""
|
|
|
+ resources:
|
|
|
+ - events
|
|
|
+ verbs:
|
|
|
+ - list
|
|
|
+- apiGroups:
|
|
|
+ - ""
|
|
|
+ resources:
|
|
|
+ - pods
|
|
|
+ - pods/log
|
|
|
+ verbs:
|
|
|
+ - get
|
|
|
+- apiGroups:
|
|
|
+ - argoproj.io
|
|
|
+ resources:
|
|
|
+ - applications
|
|
|
+ verbs:
|
|
|
+ - get
|
|
|
+ - list
|
|
|
+ - watch
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: RoleBinding
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: application-controller
|
|
|
+ app.kubernetes.io/name: argocd-application-controller
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-application-controller
|
|
|
+roleRef:
|
|
|
+ apiGroup: rbac.authorization.k8s.io
|
|
|
+ kind: Role
|
|
|
+ name: argocd-application-controller
|
|
|
+subjects:
|
|
|
+- kind: ServiceAccount
|
|
|
+ name: argocd-application-controller
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: RoleBinding
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: controller
|
|
|
+ app.kubernetes.io/name: argocd-applicationset-controller
|
|
|
+ app.kubernetes.io/part-of: argocd-applicationset
|
|
|
+ name: argocd-applicationset-controller
|
|
|
+roleRef:
|
|
|
+ apiGroup: rbac.authorization.k8s.io
|
|
|
+ kind: Role
|
|
|
+ name: argocd-applicationset-controller
|
|
|
+subjects:
|
|
|
+- kind: ServiceAccount
|
|
|
+ name: argocd-applicationset-controller
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: RoleBinding
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: dex-server
|
|
|
+ app.kubernetes.io/name: argocd-dex-server
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-dex-server
|
|
|
+roleRef:
|
|
|
+ apiGroup: rbac.authorization.k8s.io
|
|
|
+ kind: Role
|
|
|
+ name: argocd-dex-server
|
|
|
+subjects:
|
|
|
+- kind: ServiceAccount
|
|
|
+ name: argocd-dex-server
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: RoleBinding
|
|
|
+metadata:
|
|
|
+ name: argocd-notifications-controller
|
|
|
+roleRef:
|
|
|
+ apiGroup: rbac.authorization.k8s.io
|
|
|
+ kind: Role
|
|
|
+ name: argocd-notifications-controller
|
|
|
+subjects:
|
|
|
+- kind: ServiceAccount
|
|
|
+ name: argocd-notifications-controller
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: RoleBinding
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: redis
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-redis-ha
|
|
|
+roleRef:
|
|
|
+ apiGroup: rbac.authorization.k8s.io
|
|
|
+ kind: Role
|
|
|
+ name: argocd-redis-ha
|
|
|
+subjects:
|
|
|
+- kind: ServiceAccount
|
|
|
+ name: argocd-redis-ha
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: RoleBinding
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: redis
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-redis-ha-haproxy
|
|
|
+roleRef:
|
|
|
+ apiGroup: rbac.authorization.k8s.io
|
|
|
+ kind: Role
|
|
|
+ name: argocd-redis-ha-haproxy
|
|
|
+subjects:
|
|
|
+- kind: ServiceAccount
|
|
|
+ name: argocd-redis-ha-haproxy
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: RoleBinding
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: server
|
|
|
+ app.kubernetes.io/name: argocd-server
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-server
|
|
|
+roleRef:
|
|
|
+ apiGroup: rbac.authorization.k8s.io
|
|
|
+ kind: Role
|
|
|
+ name: argocd-server
|
|
|
+subjects:
|
|
|
+- kind: ServiceAccount
|
|
|
+ name: argocd-server
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: ClusterRoleBinding
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: application-controller
|
|
|
+ app.kubernetes.io/name: argocd-application-controller
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-application-controller
|
|
|
+roleRef:
|
|
|
+ apiGroup: rbac.authorization.k8s.io
|
|
|
+ kind: ClusterRole
|
|
|
+ name: argocd-application-controller
|
|
|
+subjects:
|
|
|
+- kind: ServiceAccount
|
|
|
+ name: argocd-application-controller
|
|
|
+ namespace: argocd
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: ClusterRoleBinding
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: server
|
|
|
+ app.kubernetes.io/name: argocd-server
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-server
|
|
|
+roleRef:
|
|
|
+ apiGroup: rbac.authorization.k8s.io
|
|
|
+ kind: ClusterRole
|
|
|
+ name: argocd-server
|
|
|
+subjects:
|
|
|
+- kind: ServiceAccount
|
|
|
+ name: argocd-server
|
|
|
+ namespace: argocd
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: argocd-cm
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-cm
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: argocd-cmd-params-cm
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: argocd-gpg-keys-cm
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-gpg-keys-cm
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ name: argocd-notifications-cm
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: argocd-rbac-cm
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-rbac-cm
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+data:
|
|
|
+ fix-split-brain.sh: |
|
|
|
+ HOSTNAME="$(hostname)"
|
|
|
+ INDEX="${HOSTNAME##*-}"
|
|
|
+ SENTINEL_PORT=26379
|
|
|
+ ANNOUNCE_IP=''
|
|
|
+ MASTER=''
|
|
|
+ MASTER_GROUP="argocd"
|
|
|
+ QUORUM="2"
|
|
|
+ REDIS_CONF=/data/conf/redis.conf
|
|
|
+ REDIS_PORT=6379
|
|
|
+ REDIS_TLS_PORT=
|
|
|
+ SENTINEL_CONF=/data/conf/sentinel.conf
|
|
|
+ SENTINEL_TLS_PORT=
|
|
|
+ SERVICE=argocd-redis-ha
|
|
|
+ SENTINEL_TLS_REPLICATION_ENABLED=false
|
|
|
+ REDIS_TLS_REPLICATION_ENABLED=false
|
|
|
+
|
|
|
+ ROLE=''
|
|
|
+ REDIS_MASTER=''
|
|
|
+
|
|
|
+ set -eu
|
|
|
+ sentinel_get_master() {
|
|
|
+ set +e
|
|
|
+ if [ "$SENTINEL_PORT" -eq 0 ]; then
|
|
|
+ redis-cli -h "${SERVICE}" -p "${SENTINEL_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key sentinel get-master-addr-by-name "${MASTER_GROUP}" |\
|
|
|
+ grep -E '((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?s*$))'
|
|
|
+ else
|
|
|
+ redis-cli -h "${SERVICE}" -p "${SENTINEL_PORT}" sentinel get-master-addr-by-name "${MASTER_GROUP}" |\
|
|
|
+ grep -E '((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?s*$))'
|
|
|
+ fi
|
|
|
+ set -e
|
|
|
+ }
|
|
|
+
|
|
|
+ sentinel_get_master_retry() {
|
|
|
+ master=''
|
|
|
+ retry=${1}
|
|
|
+ sleep=3
|
|
|
+ for i in $(seq 1 "${retry}"); do
|
|
|
+ master=$(sentinel_get_master)
|
|
|
+ if [ -n "${master}" ]; then
|
|
|
+ break
|
|
|
+ fi
|
|
|
+ sleep $((sleep + i))
|
|
|
+ done
|
|
|
+ echo "${master}"
|
|
|
+ }
|
|
|
+
|
|
|
+ identify_master() {
|
|
|
+ echo "Identifying redis master (get-master-addr-by-name).."
|
|
|
+ echo " using sentinel (argocd-redis-ha), sentinel group name (argocd)"
|
|
|
+ MASTER="$(sentinel_get_master_retry 3)"
|
|
|
+ if [ -n "${MASTER}" ]; then
|
|
|
+ echo " $(date) Found redis master (${MASTER})"
|
|
|
+ else
|
|
|
+ echo " $(date) Did not find redis master (${MASTER})"
|
|
|
+ fi
|
|
|
+ }
|
|
|
+
|
|
|
+ sentinel_update() {
|
|
|
+ echo "Updating sentinel config.."
|
|
|
+ echo " evaluating sentinel id (\${SENTINEL_ID_${INDEX}})"
|
|
|
+ eval MY_SENTINEL_ID="\$SENTINEL_ID_${INDEX}"
|
|
|
+ echo " sentinel id (${MY_SENTINEL_ID}), sentinel grp (${MASTER_GROUP}), quorum (${QUORUM})"
|
|
|
+ sed -i "1s/^/sentinel myid ${MY_SENTINEL_ID}\\n/" "${SENTINEL_CONF}"
|
|
|
+ if [ "$SENTINEL_TLS_REPLICATION_ENABLED" = true ]; then
|
|
|
+ echo " redis master (${1}:${REDIS_TLS_PORT})"
|
|
|
+ sed -i "2s/^/sentinel monitor ${MASTER_GROUP} ${1} ${REDIS_TLS_PORT} ${QUORUM} \\n/" "${SENTINEL_CONF}"
|
|
|
+ else
|
|
|
+ echo " redis master (${1}:${REDIS_PORT})"
|
|
|
+ sed -i "2s/^/sentinel monitor ${MASTER_GROUP} ${1} ${REDIS_PORT} ${QUORUM} \\n/" "${SENTINEL_CONF}"
|
|
|
+ fi
|
|
|
+ echo "sentinel announce-ip ${ANNOUNCE_IP}" >> ${SENTINEL_CONF}
|
|
|
+ if [ "$SENTINEL_PORT" -eq 0 ]; then
|
|
|
+ echo " announce (${ANNOUNCE_IP}:${SENTINEL_TLS_PORT})"
|
|
|
+ echo "sentinel announce-port ${SENTINEL_TLS_PORT}" >> ${SENTINEL_CONF}
|
|
|
+ else
|
|
|
+ echo " announce (${ANNOUNCE_IP}:${SENTINEL_PORT})"
|
|
|
+ echo "sentinel announce-port ${SENTINEL_PORT}" >> ${SENTINEL_CONF}
|
|
|
+ fi
|
|
|
+ }
|
|
|
+
|
|
|
+ redis_update() {
|
|
|
+ echo "Updating redis config.."
|
|
|
+ if [ "$REDIS_TLS_REPLICATION_ENABLED" = true ]; then
|
|
|
+ echo " we are slave of redis master (${1}:${REDIS_TLS_PORT})"
|
|
|
+ echo "slaveof ${1} ${REDIS_TLS_PORT}" >> "${REDIS_CONF}"
|
|
|
+ echo "slave-announce-port ${REDIS_TLS_PORT}" >> ${REDIS_CONF}
|
|
|
+ else
|
|
|
+ echo " we are slave of redis master (${1}:${REDIS_PORT})"
|
|
|
+ echo "slaveof ${1} ${REDIS_PORT}" >> "${REDIS_CONF}"
|
|
|
+ echo "slave-announce-port ${REDIS_PORT}" >> ${REDIS_CONF}
|
|
|
+ fi
|
|
|
+ echo "slave-announce-ip ${ANNOUNCE_IP}" >> ${REDIS_CONF}
|
|
|
+ }
|
|
|
+
|
|
|
+ copy_config() {
|
|
|
+ echo "Copying default redis config.."
|
|
|
+ echo " to '${REDIS_CONF}'"
|
|
|
+ cp /readonly-config/redis.conf "${REDIS_CONF}"
|
|
|
+ echo "Copying default sentinel config.."
|
|
|
+ echo " to '${SENTINEL_CONF}'"
|
|
|
+ cp /readonly-config/sentinel.conf "${SENTINEL_CONF}"
|
|
|
+ }
|
|
|
+
|
|
|
+ setup_defaults() {
|
|
|
+ echo "Setting up defaults.."
|
|
|
+ echo " using statefulset index (${INDEX})"
|
|
|
+ if [ "${INDEX}" = "0" ]; then
|
|
|
+ echo "Setting this pod as master for redis and sentinel.."
|
|
|
+ echo " using announce (${ANNOUNCE_IP})"
|
|
|
+ redis_update "${ANNOUNCE_IP}"
|
|
|
+ sentinel_update "${ANNOUNCE_IP}"
|
|
|
+ echo " make sure ${ANNOUNCE_IP} is not a slave (slaveof no one)"
|
|
|
+ sed -i "s/^.*slaveof.*//" "${REDIS_CONF}"
|
|
|
+ else
|
|
|
+ echo "Getting redis master ip.."
|
|
|
+ echo " blindly assuming (${SERVICE}-announce-0) or (${SERVICE}-server-0) are master"
|
|
|
+ DEFAULT_MASTER="$(getent_hosts 0 | awk '{ print $1 }')"
|
|
|
+ if [ -z "${DEFAULT_MASTER}" ]; then
|
|
|
+ echo "Error: Unable to resolve redis master (getent hosts)."
|
|
|
+ exit 1
|
|
|
+ fi
|
|
|
+ echo " identified redis (may be redis master) ip (${DEFAULT_MASTER})"
|
|
|
+ echo "Setting default slave config for redis and sentinel.."
|
|
|
+ echo " using master ip (${DEFAULT_MASTER})"
|
|
|
+ redis_update "${DEFAULT_MASTER}"
|
|
|
+ sentinel_update "${DEFAULT_MASTER}"
|
|
|
+ fi
|
|
|
+ }
|
|
|
+
|
|
|
+ redis_ping() {
|
|
|
+ set +e
|
|
|
+ if [ "$REDIS_PORT" -eq 0 ]; then
|
|
|
+ redis-cli -h "${MASTER}" -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key ping
|
|
|
+ else
|
|
|
+ redis-cli -h "${MASTER}" -p "${REDIS_PORT}" ping
|
|
|
+ fi
|
|
|
+ set -e
|
|
|
+ }
|
|
|
+
|
|
|
+ redis_ping_retry() {
|
|
|
+ ping=''
|
|
|
+ retry=${1}
|
|
|
+ sleep=3
|
|
|
+ for i in $(seq 1 "${retry}"); do
|
|
|
+ if [ "$(redis_ping)" = "PONG" ]; then
|
|
|
+ ping='PONG'
|
|
|
+ break
|
|
|
+ fi
|
|
|
+ sleep $((sleep + i))
|
|
|
+ MASTER=$(sentinel_get_master)
|
|
|
+ done
|
|
|
+ echo "${ping}"
|
|
|
+ }
|
|
|
+
|
|
|
+ find_master() {
|
|
|
+ echo "Verifying redis master.."
|
|
|
+ if [ "$REDIS_PORT" -eq 0 ]; then
|
|
|
+ echo " ping (${MASTER}:${REDIS_TLS_PORT})"
|
|
|
+ else
|
|
|
+ echo " ping (${MASTER}:${REDIS_PORT})"
|
|
|
+ fi
|
|
|
+ if [ "$(redis_ping_retry 3)" != "PONG" ]; then
|
|
|
+ echo " $(date) Can't ping redis master (${MASTER})"
|
|
|
+ echo "Attempting to force failover (sentinel failover).."
|
|
|
+
|
|
|
+ if [ "$SENTINEL_PORT" -eq 0 ]; then
|
|
|
+ echo " on sentinel (${SERVICE}:${SENTINEL_TLS_PORT}), sentinel grp (${MASTER_GROUP})"
|
|
|
+ if redis-cli -h "${SERVICE}" -p "${SENTINEL_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then
|
|
|
+ echo " $(date) Failover returned with 'NOGOODSLAVE'"
|
|
|
+ echo "Setting defaults for this pod.."
|
|
|
+ setup_defaults
|
|
|
+ return 0
|
|
|
+ fi
|
|
|
+ else
|
|
|
+ echo " on sentinel (${SERVICE}:${SENTINEL_PORT}), sentinel grp (${MASTER_GROUP})"
|
|
|
+ if redis-cli -h "${SERVICE}" -p "${SENTINEL_PORT}" sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then
|
|
|
+ echo " $(date) Failover returned with 'NOGOODSLAVE'"
|
|
|
+ echo "Setting defaults for this pod.."
|
|
|
+ setup_defaults
|
|
|
+ return 0
|
|
|
+ fi
|
|
|
+ fi
|
|
|
+
|
|
|
+ echo "Hold on for 10sec"
|
|
|
+ sleep 10
|
|
|
+ echo "We should get redis master's ip now. Asking (get-master-addr-by-name).."
|
|
|
+ if [ "$SENTINEL_PORT" -eq 0 ]; then
|
|
|
+ echo " sentinel (${SERVICE}:${SENTINEL_TLS_PORT}), sentinel grp (${MASTER_GROUP})"
|
|
|
+ else
|
|
|
+ echo " sentinel (${SERVICE}:${SENTINEL_PORT}), sentinel grp (${MASTER_GROUP})"
|
|
|
+ fi
|
|
|
+ MASTER="$(sentinel_get_master)"
|
|
|
+ if [ "${MASTER}" ]; then
|
|
|
+ echo " $(date) Found redis master (${MASTER})"
|
|
|
+ echo "Updating redis and sentinel config.."
|
|
|
+ sentinel_update "${MASTER}"
|
|
|
+ redis_update "${MASTER}"
|
|
|
+ else
|
|
|
+ echo "$(date) Error: Could not failover, exiting..."
|
|
|
+ exit 1
|
|
|
+ fi
|
|
|
+ else
|
|
|
+ echo " $(date) Found reachable redis master (${MASTER})"
|
|
|
+ echo "Updating redis and sentinel config.."
|
|
|
+ sentinel_update "${MASTER}"
|
|
|
+ redis_update "${MASTER}"
|
|
|
+ fi
|
|
|
+ }
|
|
|
+
|
|
|
+ redis_ro_update() {
|
|
|
+ echo "Updating read-only redis config.."
|
|
|
+ echo " redis.conf set 'replica-priority 0'"
|
|
|
+ echo "replica-priority 0" >> ${REDIS_CONF}
|
|
|
+ }
|
|
|
+
|
|
|
+ getent_hosts() {
|
|
|
+ index=${1:-${INDEX}}
|
|
|
+ service="${SERVICE}-announce-${index}"
|
|
|
+ host=$(getent hosts "${service}")
|
|
|
+ echo "${host}"
|
|
|
+ }
|
|
|
+
|
|
|
+ identify_announce_ip() {
|
|
|
+ echo "Identify announce ip for this pod.."
|
|
|
+ echo " using (${SERVICE}-announce-${INDEX}) or (${SERVICE}-server-${INDEX})"
|
|
|
+ ANNOUNCE_IP=$(getent_hosts | awk '{ print $1 }')
|
|
|
+ echo " identified announce (${ANNOUNCE_IP})"
|
|
|
+ }
|
|
|
+
|
|
|
+ redis_role() {
|
|
|
+ set +e
|
|
|
+ if [ "$REDIS_PORT" -eq 0 ]; then
|
|
|
+ ROLE=$(redis-cli -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key info | grep role | sed 's/role://' | sed 's/\r//')
|
|
|
+ else
|
|
|
+ ROLE=$(redis-cli -p "${REDIS_PORT}" info | grep role | sed 's/role://' | sed 's/\r//')
|
|
|
+ fi
|
|
|
+ set -e
|
|
|
+ }
|
|
|
+
|
|
|
+ identify_redis_master() {
|
|
|
+ set +e
|
|
|
+ if [ "$REDIS_PORT" -eq 0 ]; then
|
|
|
+ REDIS_MASTER=$(redis-cli -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key info | grep master_host | sed 's/master_host://' | sed 's/\r//')
|
|
|
+ else
|
|
|
+ REDIS_MASTER=$(redis-cli -p "${REDIS_PORT}" info | grep master_host | sed 's/master_host://' | sed 's/\r//')
|
|
|
+ fi
|
|
|
+ set -e
|
|
|
+ }
|
|
|
+
|
|
|
+ reinit() {
|
|
|
+ set +e
|
|
|
+ sh /readonly-config/init.sh
|
|
|
+
|
|
|
+ if [ "$REDIS_PORT" -eq 0 ]; then
|
|
|
+ echo "shutdown" | redis-cli -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key
|
|
|
+ else
|
|
|
+ echo "shutdown" | redis-cli -p "${REDIS_PORT}"
|
|
|
+ fi
|
|
|
+ set -e
|
|
|
+ }
|
|
|
+
|
|
|
+ identify_announce_ip
|
|
|
+
|
|
|
+ while [ -z "${ANNOUNCE_IP}" ]; do
|
|
|
+ echo "Error: Could not resolve the announce ip for this pod."
|
|
|
+ sleep 30
|
|
|
+ identify_announce_ip
|
|
|
+ done
|
|
|
+
|
|
|
+ while true; do
|
|
|
+ sleep 60
|
|
|
+
|
|
|
+ # where is redis master
|
|
|
+ identify_master
|
|
|
+
|
|
|
+ if [ "$MASTER" = "$ANNOUNCE_IP" ]; then
|
|
|
+ redis_role
|
|
|
+ if [ "$ROLE" != "master" ]; then
|
|
|
+ reinit
|
|
|
+ fi
|
|
|
+ elif [ "${MASTER}" ]; then
|
|
|
+ identify_redis_master
|
|
|
+ if [ "$REDIS_MASTER" != "$MASTER" ]; then
|
|
|
+ reinit
|
|
|
+ fi
|
|
|
+ fi
|
|
|
+ done
|
|
|
+ haproxy.cfg: |
|
|
|
+ defaults REDIS
|
|
|
+ mode tcp
|
|
|
+ timeout connect 4s
|
|
|
+ timeout server 6m
|
|
|
+ timeout client 6m
|
|
|
+ timeout check 2s
|
|
|
+
|
|
|
+ listen health_check_http_url
|
|
|
+ bind [::]:8888 v4v6
|
|
|
+ mode http
|
|
|
+ monitor-uri /healthz
|
|
|
+ option dontlognull
|
|
|
+ # Check Sentinel and whether they are nominated master
|
|
|
+ backend check_if_redis_is_master_0
|
|
|
+ mode tcp
|
|
|
+ option tcp-check
|
|
|
+ tcp-check connect
|
|
|
+ tcp-check send PING\r\n
|
|
|
+ tcp-check expect string +PONG
|
|
|
+ tcp-check send SENTINEL\ get-master-addr-by-name\ argocd\r\n
|
|
|
+ tcp-check expect string REPLACE_ANNOUNCE0
|
|
|
+ tcp-check send QUIT\r\n
|
|
|
+ server R0 argocd-redis-ha-announce-0:26379 check inter 3s
|
|
|
+ server R1 argocd-redis-ha-announce-1:26379 check inter 3s
|
|
|
+ server R2 argocd-redis-ha-announce-2:26379 check inter 3s
|
|
|
+ # Check Sentinel and whether they are nominated master
|
|
|
+ backend check_if_redis_is_master_1
|
|
|
+ mode tcp
|
|
|
+ option tcp-check
|
|
|
+ tcp-check connect
|
|
|
+ tcp-check send PING\r\n
|
|
|
+ tcp-check expect string +PONG
|
|
|
+ tcp-check send SENTINEL\ get-master-addr-by-name\ argocd\r\n
|
|
|
+ tcp-check expect string REPLACE_ANNOUNCE1
|
|
|
+ tcp-check send QUIT\r\n
|
|
|
+ server R0 argocd-redis-ha-announce-0:26379 check inter 3s
|
|
|
+ server R1 argocd-redis-ha-announce-1:26379 check inter 3s
|
|
|
+ server R2 argocd-redis-ha-announce-2:26379 check inter 3s
|
|
|
+ # Check Sentinel and whether they are nominated master
|
|
|
+ backend check_if_redis_is_master_2
|
|
|
+ mode tcp
|
|
|
+ option tcp-check
|
|
|
+ tcp-check connect
|
|
|
+ tcp-check send PING\r\n
|
|
|
+ tcp-check expect string +PONG
|
|
|
+ tcp-check send SENTINEL\ get-master-addr-by-name\ argocd\r\n
|
|
|
+ tcp-check expect string REPLACE_ANNOUNCE2
|
|
|
+ tcp-check send QUIT\r\n
|
|
|
+ server R0 argocd-redis-ha-announce-0:26379 check inter 3s
|
|
|
+ server R1 argocd-redis-ha-announce-1:26379 check inter 3s
|
|
|
+ server R2 argocd-redis-ha-announce-2:26379 check inter 3s
|
|
|
+
|
|
|
+ # decide redis backend to use
|
|
|
+ #master
|
|
|
+ frontend ft_redis_master
|
|
|
+ bind [::]:6379 v4v6
|
|
|
+ use_backend bk_redis_master
|
|
|
+ # Check all redis servers to see if they think they are master
|
|
|
+ backend bk_redis_master
|
|
|
+ mode tcp
|
|
|
+ option tcp-check
|
|
|
+ tcp-check connect
|
|
|
+ tcp-check send PING\r\n
|
|
|
+ tcp-check expect string +PONG
|
|
|
+ tcp-check send info\ replication\r\n
|
|
|
+ tcp-check expect string role:master
|
|
|
+ tcp-check send QUIT\r\n
|
|
|
+ tcp-check expect string +OK
|
|
|
+ use-server R0 if { srv_is_up(R0) } { nbsrv(check_if_redis_is_master_0) ge 2 }
|
|
|
+ server R0 argocd-redis-ha-announce-0:6379 check inter 3s fall 1 rise 1
|
|
|
+ use-server R1 if { srv_is_up(R1) } { nbsrv(check_if_redis_is_master_1) ge 2 }
|
|
|
+ server R1 argocd-redis-ha-announce-1:6379 check inter 3s fall 1 rise 1
|
|
|
+ use-server R2 if { srv_is_up(R2) } { nbsrv(check_if_redis_is_master_2) ge 2 }
|
|
|
+ server R2 argocd-redis-ha-announce-2:6379 check inter 3s fall 1 rise 1
|
|
|
+ haproxy_init.sh: |
|
|
|
+ HAPROXY_CONF=/data/haproxy.cfg
|
|
|
+ cp /readonly/haproxy.cfg "$HAPROXY_CONF"
|
|
|
+ for loop in $(seq 1 10); do
|
|
|
+ getent hosts argocd-redis-ha-announce-0 && break
|
|
|
+ echo "Waiting for service argocd-redis-ha-announce-0 to be ready ($loop) ..." && sleep 1
|
|
|
+ done
|
|
|
+ ANNOUNCE_IP0=$(getent hosts "argocd-redis-ha-announce-0" | awk '{ print $1 }')
|
|
|
+ if [ -z "$ANNOUNCE_IP0" ]; then
|
|
|
+ echo "Could not resolve the announce ip for argocd-redis-ha-announce-0"
|
|
|
+ exit 1
|
|
|
+ fi
|
|
|
+ sed -i "s/REPLACE_ANNOUNCE0/$ANNOUNCE_IP0/" "$HAPROXY_CONF"
|
|
|
+ for loop in $(seq 1 10); do
|
|
|
+ getent hosts argocd-redis-ha-announce-1 && break
|
|
|
+ echo "Waiting for service argocd-redis-ha-announce-1 to be ready ($loop) ..." && sleep 1
|
|
|
+ done
|
|
|
+ ANNOUNCE_IP1=$(getent hosts "argocd-redis-ha-announce-1" | awk '{ print $1 }')
|
|
|
+ if [ -z "$ANNOUNCE_IP1" ]; then
|
|
|
+ echo "Could not resolve the announce ip for argocd-redis-ha-announce-1"
|
|
|
+ exit 1
|
|
|
+ fi
|
|
|
+ sed -i "s/REPLACE_ANNOUNCE1/$ANNOUNCE_IP1/" "$HAPROXY_CONF"
|
|
|
+ for loop in $(seq 1 10); do
|
|
|
+ getent hosts argocd-redis-ha-announce-2 && break
|
|
|
+ echo "Waiting for service argocd-redis-ha-announce-2 to be ready ($loop) ..." && sleep 1
|
|
|
+ done
|
|
|
+ ANNOUNCE_IP2=$(getent hosts "argocd-redis-ha-announce-2" | awk '{ print $1 }')
|
|
|
+ if [ -z "$ANNOUNCE_IP2" ]; then
|
|
|
+ echo "Could not resolve the announce ip for argocd-redis-ha-announce-2"
|
|
|
+ exit 1
|
|
|
+ fi
|
|
|
+ sed -i "s/REPLACE_ANNOUNCE2/$ANNOUNCE_IP2/" "$HAPROXY_CONF"
|
|
|
+ init.sh: |
|
|
|
+ echo "$(date) Start..."
|
|
|
+ HOSTNAME="$(hostname)"
|
|
|
+ INDEX="${HOSTNAME##*-}"
|
|
|
+ SENTINEL_PORT=26379
|
|
|
+ ANNOUNCE_IP=''
|
|
|
+ MASTER=''
|
|
|
+ MASTER_GROUP="argocd"
|
|
|
+ QUORUM="2"
|
|
|
+ REDIS_CONF=/data/conf/redis.conf
|
|
|
+ REDIS_PORT=6379
|
|
|
+ REDIS_TLS_PORT=
|
|
|
+ SENTINEL_CONF=/data/conf/sentinel.conf
|
|
|
+ SENTINEL_TLS_PORT=
|
|
|
+ SERVICE=argocd-redis-ha
|
|
|
+ SENTINEL_TLS_REPLICATION_ENABLED=false
|
|
|
+ REDIS_TLS_REPLICATION_ENABLED=false
|
|
|
+
|
|
|
+ set -eu
|
|
|
+ sentinel_get_master() {
|
|
|
+ set +e
|
|
|
+ if [ "$SENTINEL_PORT" -eq 0 ]; then
|
|
|
+ redis-cli -h "${SERVICE}" -p "${SENTINEL_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key sentinel get-master-addr-by-name "${MASTER_GROUP}" |\
|
|
|
+ grep -E '((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?s*$))'
|
|
|
+ else
|
|
|
+ redis-cli -h "${SERVICE}" -p "${SENTINEL_PORT}" sentinel get-master-addr-by-name "${MASTER_GROUP}" |\
|
|
|
+ grep -E '((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?s*$))'
|
|
|
+ fi
|
|
|
+ set -e
|
|
|
+ }
|
|
|
+
|
|
|
+ sentinel_get_master_retry() {
|
|
|
+ master=''
|
|
|
+ retry=${1}
|
|
|
+ sleep=3
|
|
|
+ for i in $(seq 1 "${retry}"); do
|
|
|
+ master=$(sentinel_get_master)
|
|
|
+ if [ -n "${master}" ]; then
|
|
|
+ break
|
|
|
+ fi
|
|
|
+ sleep $((sleep + i))
|
|
|
+ done
|
|
|
+ echo "${master}"
|
|
|
+ }
|
|
|
+
|
|
|
+ identify_master() {
|
|
|
+ echo "Identifying redis master (get-master-addr-by-name).."
|
|
|
+ echo " using sentinel (argocd-redis-ha), sentinel group name (argocd)"
|
|
|
+ MASTER="$(sentinel_get_master_retry 3)"
|
|
|
+ if [ -n "${MASTER}" ]; then
|
|
|
+ echo " $(date) Found redis master (${MASTER})"
|
|
|
+ else
|
|
|
+ echo " $(date) Did not find redis master (${MASTER})"
|
|
|
+ fi
|
|
|
+ }
|
|
|
+
|
|
|
+ sentinel_update() {
|
|
|
+ echo "Updating sentinel config.."
|
|
|
+ echo " evaluating sentinel id (\${SENTINEL_ID_${INDEX}})"
|
|
|
+ eval MY_SENTINEL_ID="\$SENTINEL_ID_${INDEX}"
|
|
|
+ echo " sentinel id (${MY_SENTINEL_ID}), sentinel grp (${MASTER_GROUP}), quorum (${QUORUM})"
|
|
|
+ sed -i "1s/^/sentinel myid ${MY_SENTINEL_ID}\\n/" "${SENTINEL_CONF}"
|
|
|
+ if [ "$SENTINEL_TLS_REPLICATION_ENABLED" = true ]; then
|
|
|
+ echo " redis master (${1}:${REDIS_TLS_PORT})"
|
|
|
+ sed -i "2s/^/sentinel monitor ${MASTER_GROUP} ${1} ${REDIS_TLS_PORT} ${QUORUM} \\n/" "${SENTINEL_CONF}"
|
|
|
+ else
|
|
|
+ echo " redis master (${1}:${REDIS_PORT})"
|
|
|
+ sed -i "2s/^/sentinel monitor ${MASTER_GROUP} ${1} ${REDIS_PORT} ${QUORUM} \\n/" "${SENTINEL_CONF}"
|
|
|
+ fi
|
|
|
+ echo "sentinel announce-ip ${ANNOUNCE_IP}" >> ${SENTINEL_CONF}
|
|
|
+ if [ "$SENTINEL_PORT" -eq 0 ]; then
|
|
|
+ echo " announce (${ANNOUNCE_IP}:${SENTINEL_TLS_PORT})"
|
|
|
+ echo "sentinel announce-port ${SENTINEL_TLS_PORT}" >> ${SENTINEL_CONF}
|
|
|
+ else
|
|
|
+ echo " announce (${ANNOUNCE_IP}:${SENTINEL_PORT})"
|
|
|
+ echo "sentinel announce-port ${SENTINEL_PORT}" >> ${SENTINEL_CONF}
|
|
|
+ fi
|
|
|
+ }
|
|
|
+
|
|
|
+ redis_update() {
|
|
|
+ echo "Updating redis config.."
|
|
|
+ if [ "$REDIS_TLS_REPLICATION_ENABLED" = true ]; then
|
|
|
+ echo " we are slave of redis master (${1}:${REDIS_TLS_PORT})"
|
|
|
+ echo "slaveof ${1} ${REDIS_TLS_PORT}" >> "${REDIS_CONF}"
|
|
|
+ echo "slave-announce-port ${REDIS_TLS_PORT}" >> ${REDIS_CONF}
|
|
|
+ else
|
|
|
+ echo " we are slave of redis master (${1}:${REDIS_PORT})"
|
|
|
+ echo "slaveof ${1} ${REDIS_PORT}" >> "${REDIS_CONF}"
|
|
|
+ echo "slave-announce-port ${REDIS_PORT}" >> ${REDIS_CONF}
|
|
|
+ fi
|
|
|
+ echo "slave-announce-ip ${ANNOUNCE_IP}" >> ${REDIS_CONF}
|
|
|
+ }
|
|
|
+
|
|
|
+ copy_config() {
|
|
|
+ echo "Copying default redis config.."
|
|
|
+ echo " to '${REDIS_CONF}'"
|
|
|
+ cp /readonly-config/redis.conf "${REDIS_CONF}"
|
|
|
+ echo "Copying default sentinel config.."
|
|
|
+ echo " to '${SENTINEL_CONF}'"
|
|
|
+ cp /readonly-config/sentinel.conf "${SENTINEL_CONF}"
|
|
|
+ }
|
|
|
+
|
|
|
+ setup_defaults() {
|
|
|
+ echo "Setting up defaults.."
|
|
|
+ echo " using statefulset index (${INDEX})"
|
|
|
+ if [ "${INDEX}" = "0" ]; then
|
|
|
+ echo "Setting this pod as master for redis and sentinel.."
|
|
|
+ echo " using announce (${ANNOUNCE_IP})"
|
|
|
+ redis_update "${ANNOUNCE_IP}"
|
|
|
+ sentinel_update "${ANNOUNCE_IP}"
|
|
|
+ echo " make sure ${ANNOUNCE_IP} is not a slave (slaveof no one)"
|
|
|
+ sed -i "s/^.*slaveof.*//" "${REDIS_CONF}"
|
|
|
+ else
|
|
|
+ echo "Getting redis master ip.."
|
|
|
+ echo " blindly assuming (${SERVICE}-announce-0) or (${SERVICE}-server-0) are master"
|
|
|
+ DEFAULT_MASTER="$(getent_hosts 0 | awk '{ print $1 }')"
|
|
|
+ if [ -z "${DEFAULT_MASTER}" ]; then
|
|
|
+ echo "Error: Unable to resolve redis master (getent hosts)."
|
|
|
+ exit 1
|
|
|
+ fi
|
|
|
+ echo " identified redis (may be redis master) ip (${DEFAULT_MASTER})"
|
|
|
+ echo "Setting default slave config for redis and sentinel.."
|
|
|
+ echo " using master ip (${DEFAULT_MASTER})"
|
|
|
+ redis_update "${DEFAULT_MASTER}"
|
|
|
+ sentinel_update "${DEFAULT_MASTER}"
|
|
|
+ fi
|
|
|
+ }
|
|
|
+
|
|
|
+ redis_ping() {
|
|
|
+ set +e
|
|
|
+ if [ "$REDIS_PORT" -eq 0 ]; then
|
|
|
+ redis-cli -h "${MASTER}" -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key ping
|
|
|
+ else
|
|
|
+ redis-cli -h "${MASTER}" -p "${REDIS_PORT}" ping
|
|
|
+ fi
|
|
|
+ set -e
|
|
|
+ }
|
|
|
+
|
|
|
+ redis_ping_retry() {
|
|
|
+ ping=''
|
|
|
+ retry=${1}
|
|
|
+ sleep=3
|
|
|
+ for i in $(seq 1 "${retry}"); do
|
|
|
+ if [ "$(redis_ping)" = "PONG" ]; then
|
|
|
+ ping='PONG'
|
|
|
+ break
|
|
|
+ fi
|
|
|
+ sleep $((sleep + i))
|
|
|
+ MASTER=$(sentinel_get_master)
|
|
|
+ done
|
|
|
+ echo "${ping}"
|
|
|
+ }
|
|
|
+
|
|
|
+ find_master() {
|
|
|
+ echo "Verifying redis master.."
|
|
|
+ if [ "$REDIS_PORT" -eq 0 ]; then
|
|
|
+ echo " ping (${MASTER}:${REDIS_TLS_PORT})"
|
|
|
+ else
|
|
|
+ echo " ping (${MASTER}:${REDIS_PORT})"
|
|
|
+ fi
|
|
|
+ if [ "$(redis_ping_retry 3)" != "PONG" ]; then
|
|
|
+ echo " $(date) Can't ping redis master (${MASTER})"
|
|
|
+ echo "Attempting to force failover (sentinel failover).."
|
|
|
+
|
|
|
+ if [ "$SENTINEL_PORT" -eq 0 ]; then
|
|
|
+ echo " on sentinel (${SERVICE}:${SENTINEL_TLS_PORT}), sentinel grp (${MASTER_GROUP})"
|
|
|
+ if redis-cli -h "${SERVICE}" -p "${SENTINEL_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then
|
|
|
+ echo " $(date) Failover returned with 'NOGOODSLAVE'"
|
|
|
+ echo "Setting defaults for this pod.."
|
|
|
+ setup_defaults
|
|
|
+ return 0
|
|
|
+ fi
|
|
|
+ else
|
|
|
+ echo " on sentinel (${SERVICE}:${SENTINEL_PORT}), sentinel grp (${MASTER_GROUP})"
|
|
|
+ if redis-cli -h "${SERVICE}" -p "${SENTINEL_PORT}" sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then
|
|
|
+ echo " $(date) Failover returned with 'NOGOODSLAVE'"
|
|
|
+ echo "Setting defaults for this pod.."
|
|
|
+ setup_defaults
|
|
|
+ return 0
|
|
|
+ fi
|
|
|
+ fi
|
|
|
+
|
|
|
+ echo "Hold on for 10sec"
|
|
|
+ sleep 10
|
|
|
+ echo "We should get redis master's ip now. Asking (get-master-addr-by-name).."
|
|
|
+ if [ "$SENTINEL_PORT" -eq 0 ]; then
|
|
|
+ echo " sentinel (${SERVICE}:${SENTINEL_TLS_PORT}), sentinel grp (${MASTER_GROUP})"
|
|
|
+ else
|
|
|
+ echo " sentinel (${SERVICE}:${SENTINEL_PORT}), sentinel grp (${MASTER_GROUP})"
|
|
|
+ fi
|
|
|
+ MASTER="$(sentinel_get_master)"
|
|
|
+ if [ "${MASTER}" ]; then
|
|
|
+ echo " $(date) Found redis master (${MASTER})"
|
|
|
+ echo "Updating redis and sentinel config.."
|
|
|
+ sentinel_update "${MASTER}"
|
|
|
+ redis_update "${MASTER}"
|
|
|
+ else
|
|
|
+ echo "$(date) Error: Could not failover, exiting..."
|
|
|
+ exit 1
|
|
|
+ fi
|
|
|
+ else
|
|
|
+ echo " $(date) Found reachable redis master (${MASTER})"
|
|
|
+ echo "Updating redis and sentinel config.."
|
|
|
+ sentinel_update "${MASTER}"
|
|
|
+ redis_update "${MASTER}"
|
|
|
+ fi
|
|
|
+ }
|
|
|
+
|
|
|
+ redis_ro_update() {
|
|
|
+ echo "Updating read-only redis config.."
|
|
|
+ echo " redis.conf set 'replica-priority 0'"
|
|
|
+ echo "replica-priority 0" >> ${REDIS_CONF}
|
|
|
+ }
|
|
|
+
|
|
|
+ getent_hosts() {
|
|
|
+ index=${1:-${INDEX}}
|
|
|
+ service="${SERVICE}-announce-${index}"
|
|
|
+ host=$(getent hosts "${service}")
|
|
|
+ echo "${host}"
|
|
|
+ }
|
|
|
+
|
|
|
+ identify_announce_ip() {
|
|
|
+ echo "Identify announce ip for this pod.."
|
|
|
+ echo " using (${SERVICE}-announce-${INDEX}) or (${SERVICE}-server-${INDEX})"
|
|
|
+ ANNOUNCE_IP=$(getent_hosts | awk '{ print $1 }')
|
|
|
+ echo " identified announce (${ANNOUNCE_IP})"
|
|
|
+ }
|
|
|
+
|
|
|
+ mkdir -p /data/conf/
|
|
|
+
|
|
|
+ echo "Initializing config.."
|
|
|
+ copy_config
|
|
|
+
|
|
|
+ # where is redis master
|
|
|
+ identify_master
|
|
|
+
|
|
|
+ identify_announce_ip
|
|
|
+
|
|
|
+ if [ -z "${ANNOUNCE_IP}" ]; then
|
|
|
+ "Error: Could not resolve the announce ip for this pod."
|
|
|
+ exit 1
|
|
|
+ elif [ "${MASTER}" ]; then
|
|
|
+ find_master
|
|
|
+ else
|
|
|
+ setup_defaults
|
|
|
+ fi
|
|
|
+
|
|
|
+ if [ "${AUTH:-}" ]; then
|
|
|
+ echo "Setting redis auth values.."
|
|
|
+ ESCAPED_AUTH=$(echo "${AUTH}" | sed -e 's/[\/&]/\\&/g');
|
|
|
+ sed -i "s/replace-default-auth/${ESCAPED_AUTH}/" "${REDIS_CONF}" "${SENTINEL_CONF}"
|
|
|
+ fi
|
|
|
+
|
|
|
+ if [ "${SENTINELAUTH:-}" ]; then
|
|
|
+ echo "Setting sentinel auth values"
|
|
|
+ ESCAPED_AUTH_SENTINEL=$(echo "$SENTINELAUTH" | sed -e 's/[\/&]/\\&/g');
|
|
|
+ sed -i "s/replace-default-sentinel-auth/${ESCAPED_AUTH_SENTINEL}/" "$SENTINEL_CONF"
|
|
|
+ fi
|
|
|
+
|
|
|
+ echo "$(date) Ready..."
|
|
|
+ redis.conf: |
|
|
|
+ dir "/data"
|
|
|
+ port 6379
|
|
|
+ rename-command FLUSHDB ""
|
|
|
+ rename-command FLUSHALL ""
|
|
|
+ maxmemory 0
|
|
|
+ maxmemory-policy volatile-lru
|
|
|
+ min-replicas-max-lag 5
|
|
|
+ min-replicas-to-write 1
|
|
|
+ rdbchecksum yes
|
|
|
+ rdbcompression yes
|
|
|
+ repl-diskless-sync yes
|
|
|
+ save ""
|
|
|
+ sentinel.conf: |
|
|
|
+ dir "/data"
|
|
|
+ port 26379
|
|
|
+ sentinel down-after-milliseconds argocd 10000
|
|
|
+ sentinel failover-timeout argocd 180000
|
|
|
+ maxclients 10000
|
|
|
+ sentinel parallel-syncs argocd 5
|
|
|
+ trigger-failover-if-master.sh: |
|
|
|
+ get_redis_role() {
|
|
|
+ is_master=$(
|
|
|
+ redis-cli \
|
|
|
+ -h localhost \
|
|
|
+ -p 6379 \
|
|
|
+ info | grep -c 'role:master' || true
|
|
|
+ )
|
|
|
+ }
|
|
|
+ get_redis_role
|
|
|
+ if [[ "$is_master" -eq 1 ]]; then
|
|
|
+ echo "This node is currently master, we trigger a failover."
|
|
|
+ response=$(
|
|
|
+ redis-cli \
|
|
|
+ -h localhost \
|
|
|
+ -p 26379 \
|
|
|
+ SENTINEL failover argocd
|
|
|
+ )
|
|
|
+ if [[ "$response" != "OK" ]] ; then
|
|
|
+ echo "$response"
|
|
|
+ exit 1
|
|
|
+ fi
|
|
|
+ timeout=30
|
|
|
+ while [[ "$is_master" -eq 1 && $timeout -gt 0 ]]; do
|
|
|
+ sleep 1
|
|
|
+ get_redis_role
|
|
|
+ timeout=$((timeout - 1))
|
|
|
+ done
|
|
|
+ echo "Failover successful"
|
|
|
+ fi
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: redis
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-redis-ha-configmap
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+data:
|
|
|
+ redis_liveness.sh: |
|
|
|
+ response=$(
|
|
|
+ redis-cli \
|
|
|
+ -h localhost \
|
|
|
+ -p 6379 \
|
|
|
+ ping
|
|
|
+ )
|
|
|
+ if [ "$response" != "PONG" ] && [ "${response:0:7}" != "LOADING" ] ; then
|
|
|
+ echo "$response"
|
|
|
+ exit 1
|
|
|
+ fi
|
|
|
+ echo "response=$response"
|
|
|
+ redis_readiness.sh: |
|
|
|
+ response=$(
|
|
|
+ redis-cli \
|
|
|
+ -h localhost \
|
|
|
+ -p 6379 \
|
|
|
+ ping
|
|
|
+ )
|
|
|
+ if [ "$response" != "PONG" ] ; then
|
|
|
+ echo "$response"
|
|
|
+ exit 1
|
|
|
+ fi
|
|
|
+ echo "response=$response"
|
|
|
+ sentinel_liveness.sh: |
|
|
|
+ response=$(
|
|
|
+ redis-cli \
|
|
|
+ -h localhost \
|
|
|
+ -p 26379 \
|
|
|
+ ping
|
|
|
+ )
|
|
|
+ if [ "$response" != "PONG" ]; then
|
|
|
+ echo "$response"
|
|
|
+ exit 1
|
|
|
+ fi
|
|
|
+ echo "response=$response"
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: redis
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-redis-ha-health-configmap
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+data:
|
|
|
+ ssh_known_hosts: |-
|
|
|
+ bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
|
|
|
+ github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
|
|
|
+ gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=
|
|
|
+ gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf
|
|
|
+ gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9
|
|
|
+ ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
|
|
|
+ vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
|
|
|
+ github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg=
|
|
|
+ github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: argocd-ssh-known-hosts-cm
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-ssh-known-hosts-cm
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: argocd-tls-certs-cm
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-tls-certs-cm
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Secret
|
|
|
+metadata:
|
|
|
+ name: argocd-notifications-secret
|
|
|
+type: Opaque
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Secret
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: argocd-secret
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-secret
|
|
|
+type: Opaque
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: controller
|
|
|
+ app.kubernetes.io/name: argocd-applicationset-controller
|
|
|
+ app.kubernetes.io/part-of: argocd-applicationset
|
|
|
+ name: argocd-applicationset-controller
|
|
|
+spec:
|
|
|
+ ports:
|
|
|
+ - name: webhook
|
|
|
+ port: 7000
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: webhook
|
|
|
+ - name: metrics
|
|
|
+ port: 8080
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: metrics
|
|
|
+ selector:
|
|
|
+ app.kubernetes.io/name: argocd-applicationset-controller
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: dex-server
|
|
|
+ app.kubernetes.io/name: argocd-dex-server
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-dex-server
|
|
|
+spec:
|
|
|
+ ports:
|
|
|
+ - name: http
|
|
|
+ port: 5556
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: 5556
|
|
|
+ - name: grpc
|
|
|
+ port: 5557
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: 5557
|
|
|
+ - name: metrics
|
|
|
+ port: 5558
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: 5558
|
|
|
+ selector:
|
|
|
+ app.kubernetes.io/name: argocd-dex-server
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: metrics
|
|
|
+ app.kubernetes.io/name: argocd-metrics
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-metrics
|
|
|
+spec:
|
|
|
+ ports:
|
|
|
+ - name: metrics
|
|
|
+ port: 8082
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: 8082
|
|
|
+ selector:
|
|
|
+ app.kubernetes.io/name: argocd-application-controller
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: argocd-notifications-controller-metrics
|
|
|
+ name: argocd-notifications-controller-metrics
|
|
|
+spec:
|
|
|
+ ports:
|
|
|
+ - name: metrics
|
|
|
+ port: 9001
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: 9001
|
|
|
+ selector:
|
|
|
+ app.kubernetes.io/name: argocd-notifications-controller
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: redis
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-redis-ha
|
|
|
+spec:
|
|
|
+ clusterIP: None
|
|
|
+ ports:
|
|
|
+ - name: tcp-server
|
|
|
+ port: 6379
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: redis
|
|
|
+ - name: tcp-sentinel
|
|
|
+ port: 26379
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: sentinel
|
|
|
+ selector:
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ type: ClusterIP
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ annotations:
|
|
|
+ service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: redis
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-redis-ha-announce-0
|
|
|
+spec:
|
|
|
+ ports:
|
|
|
+ - name: tcp-server
|
|
|
+ port: 6379
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: redis
|
|
|
+ - name: tcp-sentinel
|
|
|
+ port: 26379
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: sentinel
|
|
|
+ publishNotReadyAddresses: true
|
|
|
+ selector:
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ statefulset.kubernetes.io/pod-name: argocd-redis-ha-server-0
|
|
|
+ type: ClusterIP
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ annotations:
|
|
|
+ service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: redis
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-redis-ha-announce-1
|
|
|
+spec:
|
|
|
+ ports:
|
|
|
+ - name: tcp-server
|
|
|
+ port: 6379
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: redis
|
|
|
+ - name: tcp-sentinel
|
|
|
+ port: 26379
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: sentinel
|
|
|
+ publishNotReadyAddresses: true
|
|
|
+ selector:
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ statefulset.kubernetes.io/pod-name: argocd-redis-ha-server-1
|
|
|
+ type: ClusterIP
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ annotations:
|
|
|
+ service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: redis
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-redis-ha-announce-2
|
|
|
+spec:
|
|
|
+ ports:
|
|
|
+ - name: tcp-server
|
|
|
+ port: 6379
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: redis
|
|
|
+ - name: tcp-sentinel
|
|
|
+ port: 26379
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: sentinel
|
|
|
+ publishNotReadyAddresses: true
|
|
|
+ selector:
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ statefulset.kubernetes.io/pod-name: argocd-redis-ha-server-2
|
|
|
+ type: ClusterIP
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: redis
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha-haproxy
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-redis-ha-haproxy
|
|
|
+spec:
|
|
|
+ ports:
|
|
|
+ - name: tcp-haproxy
|
|
|
+ port: 6379
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: redis
|
|
|
+ selector:
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha-haproxy
|
|
|
+ type: ClusterIP
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: repo-server
|
|
|
+ app.kubernetes.io/name: argocd-repo-server
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-repo-server
|
|
|
+spec:
|
|
|
+ ports:
|
|
|
+ - name: server
|
|
|
+ port: 8081
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: 8081
|
|
|
+ - name: metrics
|
|
|
+ port: 8084
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: 8084
|
|
|
+ selector:
|
|
|
+ app.kubernetes.io/name: argocd-repo-server
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: server
|
|
|
+ app.kubernetes.io/name: argocd-server
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-server
|
|
|
+spec:
|
|
|
+ ports:
|
|
|
+ - name: http
|
|
|
+ port: 80
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: 8080
|
|
|
+ - name: https
|
|
|
+ port: 443
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: 8080
|
|
|
+ selector:
|
|
|
+ app.kubernetes.io/name: argocd-server
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: server
|
|
|
+ app.kubernetes.io/name: argocd-server-metrics
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-server-metrics
|
|
|
+spec:
|
|
|
+ ports:
|
|
|
+ - name: metrics
|
|
|
+ port: 8083
|
|
|
+ protocol: TCP
|
|
|
+ targetPort: 8083
|
|
|
+ selector:
|
|
|
+ app.kubernetes.io/name: argocd-server
|
|
|
+---
|
|
|
+apiVersion: apps/v1
|
|
|
+kind: Deployment
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: controller
|
|
|
+ app.kubernetes.io/name: argocd-applicationset-controller
|
|
|
+ app.kubernetes.io/part-of: argocd-applicationset
|
|
|
+ name: argocd-applicationset-controller
|
|
|
+spec:
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-applicationset-controller
|
|
|
+ template:
|
|
|
+ metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: argocd-applicationset-controller
|
|
|
+ spec:
|
|
|
+ containers:
|
|
|
+ - command:
|
|
|
+ - entrypoint.sh
|
|
|
+ - argocd-applicationset-controller
|
|
|
+ env:
|
|
|
+ - name: NAMESPACE
|
|
|
+ valueFrom:
|
|
|
+ fieldRef:
|
|
|
+ fieldPath: metadata.namespace
|
|
|
+ - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: applicationsetcontroller.enable.leader.election
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACE
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: applicationsetcontroller.namespace
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: repo.server
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: applicationsetcontroller.policy
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: applicationsetcontroller.debug
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGFORMAT
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: applicationsetcontroller.log.format
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGLEVEL
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: applicationsetcontroller.log.level
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATIONSET_CONTROLLER_DRY_RUN
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: applicationsetcontroller.dryrun
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_GIT_MODULES_ENABLED
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: applicationsetcontroller.enable.git.submodule
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ image: quay.io/argoproj/argocd:latest
|
|
|
+ imagePullPolicy: Always
|
|
|
+ name: argocd-applicationset-controller
|
|
|
+ ports:
|
|
|
+ - containerPort: 7000
|
|
|
+ name: webhook
|
|
|
+ - containerPort: 8080
|
|
|
+ name: metrics
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - ALL
|
|
|
+ readOnlyRootFilesystem: true
|
|
|
+ runAsNonRoot: true
|
|
|
+ seccompProfile:
|
|
|
+ type: RuntimeDefault
|
|
|
+ volumeMounts:
|
|
|
+ - mountPath: /app/config/ssh
|
|
|
+ name: ssh-known-hosts
|
|
|
+ - mountPath: /app/config/tls
|
|
|
+ name: tls-certs
|
|
|
+ - mountPath: /app/config/gpg/source
|
|
|
+ name: gpg-keys
|
|
|
+ - mountPath: /app/config/gpg/keys
|
|
|
+ name: gpg-keyring
|
|
|
+ - mountPath: /tmp
|
|
|
+ name: tmp
|
|
|
+ serviceAccountName: argocd-applicationset-controller
|
|
|
+ volumes:
|
|
|
+ - configMap:
|
|
|
+ name: argocd-ssh-known-hosts-cm
|
|
|
+ name: ssh-known-hosts
|
|
|
+ - configMap:
|
|
|
+ name: argocd-tls-certs-cm
|
|
|
+ name: tls-certs
|
|
|
+ - configMap:
|
|
|
+ name: argocd-gpg-keys-cm
|
|
|
+ name: gpg-keys
|
|
|
+ - emptyDir: {}
|
|
|
+ name: gpg-keyring
|
|
|
+ - emptyDir: {}
|
|
|
+ name: tmp
|
|
|
+---
|
|
|
+apiVersion: apps/v1
|
|
|
+kind: Deployment
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: dex-server
|
|
|
+ app.kubernetes.io/name: argocd-dex-server
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-dex-server
|
|
|
+spec:
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-dex-server
|
|
|
+ template:
|
|
|
+ metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: argocd-dex-server
|
|
|
+ spec:
|
|
|
+ affinity:
|
|
|
+ podAntiAffinity:
|
|
|
+ preferredDuringSchedulingIgnoredDuringExecution:
|
|
|
+ - podAffinityTerm:
|
|
|
+ labelSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ topologyKey: kubernetes.io/hostname
|
|
|
+ weight: 5
|
|
|
+ containers:
|
|
|
+ - command:
|
|
|
+ - /shared/argocd-dex
|
|
|
+ - rundex
|
|
|
+ env:
|
|
|
+ - name: ARGOCD_DEX_SERVER_DISABLE_TLS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: dexserver.disable.tls
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ image: ghcr.io/dexidp/dex:v2.35.3
|
|
|
+ imagePullPolicy: Always
|
|
|
+ name: dex
|
|
|
+ ports:
|
|
|
+ - containerPort: 5556
|
|
|
+ - containerPort: 5557
|
|
|
+ - containerPort: 5558
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - ALL
|
|
|
+ readOnlyRootFilesystem: true
|
|
|
+ runAsNonRoot: true
|
|
|
+ seccompProfile:
|
|
|
+ type: RuntimeDefault
|
|
|
+ volumeMounts:
|
|
|
+ - mountPath: /shared
|
|
|
+ name: static-files
|
|
|
+ - mountPath: /tmp
|
|
|
+ name: dexconfig
|
|
|
+ - mountPath: /tls
|
|
|
+ name: argocd-dex-server-tls
|
|
|
+ initContainers:
|
|
|
+ - command:
|
|
|
+ - cp
|
|
|
+ - -n
|
|
|
+ - /usr/local/bin/argocd
|
|
|
+ - /shared/argocd-dex
|
|
|
+ image: quay.io/argoproj/argocd:latest
|
|
|
+ imagePullPolicy: Always
|
|
|
+ name: copyutil
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - ALL
|
|
|
+ readOnlyRootFilesystem: true
|
|
|
+ runAsNonRoot: true
|
|
|
+ seccompProfile:
|
|
|
+ type: RuntimeDefault
|
|
|
+ volumeMounts:
|
|
|
+ - mountPath: /shared
|
|
|
+ name: static-files
|
|
|
+ - mountPath: /tmp
|
|
|
+ name: dexconfig
|
|
|
+ serviceAccountName: argocd-dex-server
|
|
|
+ volumes:
|
|
|
+ - emptyDir: {}
|
|
|
+ name: static-files
|
|
|
+ - emptyDir: {}
|
|
|
+ name: dexconfig
|
|
|
+ - name: argocd-dex-server-tls
|
|
|
+ secret:
|
|
|
+ items:
|
|
|
+ - key: tls.crt
|
|
|
+ path: tls.crt
|
|
|
+ - key: tls.key
|
|
|
+ path: tls.key
|
|
|
+ - key: ca.crt
|
|
|
+ path: ca.crt
|
|
|
+ optional: true
|
|
|
+ secretName: argocd-dex-server-tls
|
|
|
+---
|
|
|
+apiVersion: apps/v1
|
|
|
+kind: Deployment
|
|
|
+metadata:
|
|
|
+ name: argocd-notifications-controller
|
|
|
+spec:
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-notifications-controller
|
|
|
+ strategy:
|
|
|
+ type: Recreate
|
|
|
+ template:
|
|
|
+ metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: argocd-notifications-controller
|
|
|
+ spec:
|
|
|
+ containers:
|
|
|
+ - command:
|
|
|
+ - argocd-notifications
|
|
|
+ image: quay.io/argoproj/argocd:latest
|
|
|
+ imagePullPolicy: Always
|
|
|
+ livenessProbe:
|
|
|
+ tcpSocket:
|
|
|
+ port: 9001
|
|
|
+ name: argocd-notifications-controller
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - ALL
|
|
|
+ readOnlyRootFilesystem: true
|
|
|
+ volumeMounts:
|
|
|
+ - mountPath: /app/config/tls
|
|
|
+ name: tls-certs
|
|
|
+ - mountPath: /app/config/reposerver/tls
|
|
|
+ name: argocd-repo-server-tls
|
|
|
+ workingDir: /app
|
|
|
+ securityContext:
|
|
|
+ runAsNonRoot: true
|
|
|
+ seccompProfile:
|
|
|
+ type: RuntimeDefault
|
|
|
+ serviceAccountName: argocd-notifications-controller
|
|
|
+ volumes:
|
|
|
+ - configMap:
|
|
|
+ name: argocd-tls-certs-cm
|
|
|
+ name: tls-certs
|
|
|
+ - name: argocd-repo-server-tls
|
|
|
+ secret:
|
|
|
+ items:
|
|
|
+ - key: tls.crt
|
|
|
+ path: tls.crt
|
|
|
+ - key: tls.key
|
|
|
+ path: tls.key
|
|
|
+ - key: ca.crt
|
|
|
+ path: ca.crt
|
|
|
+ optional: true
|
|
|
+ secretName: argocd-repo-server-tls
|
|
|
+---
|
|
|
+apiVersion: apps/v1
|
|
|
+kind: Deployment
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: redis
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha-haproxy
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-redis-ha-haproxy
|
|
|
+spec:
|
|
|
+ replicas: 3
|
|
|
+ revisionHistoryLimit: 1
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha-haproxy
|
|
|
+ strategy:
|
|
|
+ type: RollingUpdate
|
|
|
+ template:
|
|
|
+ metadata:
|
|
|
+ annotations:
|
|
|
+ checksum/config: 1f7a9ffcacb3871ceb9b0741c0714e3f7fa656d426a398c1f727fffb01073f35
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha-haproxy
|
|
|
+ name: argocd-redis-ha-haproxy
|
|
|
+ spec:
|
|
|
+ affinity:
|
|
|
+ podAntiAffinity:
|
|
|
+ requiredDuringSchedulingIgnoredDuringExecution:
|
|
|
+ - labelSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha-haproxy
|
|
|
+ topologyKey: kubernetes.io/hostname
|
|
|
+ containers:
|
|
|
+ - image: haproxy:2.6.2-alpine
|
|
|
+ imagePullPolicy: IfNotPresent
|
|
|
+ lifecycle: {}
|
|
|
+ livenessProbe:
|
|
|
+ httpGet:
|
|
|
+ path: /healthz
|
|
|
+ port: 8888
|
|
|
+ initialDelaySeconds: 5
|
|
|
+ periodSeconds: 3
|
|
|
+ name: haproxy
|
|
|
+ ports:
|
|
|
+ - containerPort: 6379
|
|
|
+ name: redis
|
|
|
+ readinessProbe:
|
|
|
+ httpGet:
|
|
|
+ path: /healthz
|
|
|
+ port: 8888
|
|
|
+ initialDelaySeconds: 5
|
|
|
+ periodSeconds: 3
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - ALL
|
|
|
+ seccompProfile:
|
|
|
+ type: RuntimeDefault
|
|
|
+ volumeMounts:
|
|
|
+ - mountPath: /usr/local/etc/haproxy
|
|
|
+ name: data
|
|
|
+ - mountPath: /run/haproxy
|
|
|
+ name: shared-socket
|
|
|
+ initContainers:
|
|
|
+ - args:
|
|
|
+ - /readonly/haproxy_init.sh
|
|
|
+ command:
|
|
|
+ - sh
|
|
|
+ image: haproxy:2.6.2-alpine
|
|
|
+ imagePullPolicy: IfNotPresent
|
|
|
+ name: config-init
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - ALL
|
|
|
+ seccompProfile:
|
|
|
+ type: RuntimeDefault
|
|
|
+ volumeMounts:
|
|
|
+ - mountPath: /readonly
|
|
|
+ name: config-volume
|
|
|
+ readOnly: true
|
|
|
+ - mountPath: /data
|
|
|
+ name: data
|
|
|
+ securityContext:
|
|
|
+ fsGroup: 99
|
|
|
+ runAsNonRoot: true
|
|
|
+ runAsUser: 99
|
|
|
+ serviceAccountName: argocd-redis-ha-haproxy
|
|
|
+ volumes:
|
|
|
+ - configMap:
|
|
|
+ name: argocd-redis-ha-configmap
|
|
|
+ name: config-volume
|
|
|
+ - emptyDir: {}
|
|
|
+ name: shared-socket
|
|
|
+ - emptyDir: {}
|
|
|
+ name: data
|
|
|
+---
|
|
|
+apiVersion: apps/v1
|
|
|
+kind: Deployment
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: repo-server
|
|
|
+ app.kubernetes.io/name: argocd-repo-server
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-repo-server
|
|
|
+spec:
|
|
|
+ replicas: 2
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-repo-server
|
|
|
+ template:
|
|
|
+ metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: argocd-repo-server
|
|
|
+ spec:
|
|
|
+ affinity:
|
|
|
+ podAntiAffinity:
|
|
|
+ preferredDuringSchedulingIgnoredDuringExecution:
|
|
|
+ - podAffinityTerm:
|
|
|
+ labelSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-repo-server
|
|
|
+ topologyKey: failure-domain.beta.kubernetes.io/zone
|
|
|
+ weight: 100
|
|
|
+ requiredDuringSchedulingIgnoredDuringExecution:
|
|
|
+ - labelSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-repo-server
|
|
|
+ topologyKey: kubernetes.io/hostname
|
|
|
+ automountServiceAccountToken: false
|
|
|
+ containers:
|
|
|
+ - command:
|
|
|
+ - entrypoint.sh
|
|
|
+ - argocd-repo-server
|
|
|
+ - --redis
|
|
|
+ - argocd-redis-ha-haproxy:6379
|
|
|
+ env:
|
|
|
+ - name: ARGOCD_RECONCILIATION_TIMEOUT
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: timeout.reconciliation
|
|
|
+ name: argocd-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_REPO_SERVER_LOGFORMAT
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: reposerver.log.format
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_REPO_SERVER_LOGLEVEL
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: reposerver.log.level
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_REPO_SERVER_PARALLELISM_LIMIT
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: reposerver.parallelism.limit
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_REPO_SERVER_DISABLE_TLS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: reposerver.disable.tls
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_TLS_MIN_VERSION
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: reposerver.tls.minversion
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_TLS_MAX_VERSION
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: reposerver.tls.maxversion
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_TLS_CIPHERS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: reposerver.tls.ciphers
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_REPO_CACHE_EXPIRATION
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: reposerver.repo.cache.expiration
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: REDIS_SERVER
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: redis.server
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: REDIS_COMPRESSION
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: redis.compression
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: REDISDB
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: redis.db
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_DEFAULT_CACHE_EXPIRATION
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: reposerver.default.cache.expiration
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_REPO_SERVER_OTLP_ADDRESS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: otlp.address
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_REPO_SERVER_MAX_COMBINED_DIRECTORY_MANIFESTS_SIZE
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: reposerver.max.combined.directory.manifests.size
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_REPO_SERVER_PLUGIN_TAR_EXCLUSIONS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: reposerver.plugin.tar.exclusions
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_REPO_SERVER_ALLOW_OUT_OF_BOUNDS_SYMLINKS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: reposerver.allow.oob.symlinks
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_TAR_SIZE
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: reposerver.streamed.manifest.max.tar.size
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_EXTRACTED_SIZE
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: reposerver.streamed.manifest.max.extracted.size
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_GIT_MODULES_ENABLED
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: reposerver.enable.git.submodule
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: HELM_CACHE_HOME
|
|
|
+ value: /helm-working-dir
|
|
|
+ - name: HELM_CONFIG_HOME
|
|
|
+ value: /helm-working-dir
|
|
|
+ - name: HELM_DATA_HOME
|
|
|
+ value: /helm-working-dir
|
|
|
+ image: quay.io/argoproj/argocd:latest
|
|
|
+ imagePullPolicy: Always
|
|
|
+ livenessProbe:
|
|
|
+ failureThreshold: 3
|
|
|
+ httpGet:
|
|
|
+ path: /healthz?full=true
|
|
|
+ port: 8084
|
|
|
+ initialDelaySeconds: 30
|
|
|
+ periodSeconds: 30
|
|
|
+ timeoutSeconds: 5
|
|
|
+ name: argocd-repo-server
|
|
|
+ ports:
|
|
|
+ - containerPort: 8081
|
|
|
+ - containerPort: 8084
|
|
|
+ readinessProbe:
|
|
|
+ httpGet:
|
|
|
+ path: /healthz
|
|
|
+ port: 8084
|
|
|
+ initialDelaySeconds: 5
|
|
|
+ periodSeconds: 10
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - ALL
|
|
|
+ readOnlyRootFilesystem: true
|
|
|
+ runAsNonRoot: true
|
|
|
+ seccompProfile:
|
|
|
+ type: RuntimeDefault
|
|
|
+ volumeMounts:
|
|
|
+ - mountPath: /app/config/ssh
|
|
|
+ name: ssh-known-hosts
|
|
|
+ - mountPath: /app/config/tls
|
|
|
+ name: tls-certs
|
|
|
+ - mountPath: /app/config/gpg/source
|
|
|
+ name: gpg-keys
|
|
|
+ - mountPath: /app/config/gpg/keys
|
|
|
+ name: gpg-keyring
|
|
|
+ - mountPath: /app/config/reposerver/tls
|
|
|
+ name: argocd-repo-server-tls
|
|
|
+ - mountPath: /tmp
|
|
|
+ name: tmp
|
|
|
+ - mountPath: /helm-working-dir
|
|
|
+ name: helm-working-dir
|
|
|
+ - mountPath: /home/argocd/cmp-server/plugins
|
|
|
+ name: plugins
|
|
|
+ initContainers:
|
|
|
+ - command:
|
|
|
+ - cp
|
|
|
+ - -n
|
|
|
+ - /usr/local/bin/argocd
|
|
|
+ - /var/run/argocd/argocd-cmp-server
|
|
|
+ image: quay.io/argoproj/argocd:latest
|
|
|
+ name: copyutil
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - ALL
|
|
|
+ readOnlyRootFilesystem: true
|
|
|
+ runAsNonRoot: true
|
|
|
+ seccompProfile:
|
|
|
+ type: RuntimeDefault
|
|
|
+ volumeMounts:
|
|
|
+ - mountPath: /var/run/argocd
|
|
|
+ name: var-files
|
|
|
+ serviceAccountName: argocd-repo-server
|
|
|
+ volumes:
|
|
|
+ - configMap:
|
|
|
+ name: argocd-ssh-known-hosts-cm
|
|
|
+ name: ssh-known-hosts
|
|
|
+ - configMap:
|
|
|
+ name: argocd-tls-certs-cm
|
|
|
+ name: tls-certs
|
|
|
+ - configMap:
|
|
|
+ name: argocd-gpg-keys-cm
|
|
|
+ name: gpg-keys
|
|
|
+ - emptyDir: {}
|
|
|
+ name: gpg-keyring
|
|
|
+ - emptyDir: {}
|
|
|
+ name: tmp
|
|
|
+ - emptyDir: {}
|
|
|
+ name: helm-working-dir
|
|
|
+ - name: argocd-repo-server-tls
|
|
|
+ secret:
|
|
|
+ items:
|
|
|
+ - key: tls.crt
|
|
|
+ path: tls.crt
|
|
|
+ - key: tls.key
|
|
|
+ path: tls.key
|
|
|
+ - key: ca.crt
|
|
|
+ path: ca.crt
|
|
|
+ optional: true
|
|
|
+ secretName: argocd-repo-server-tls
|
|
|
+ - emptyDir: {}
|
|
|
+ name: var-files
|
|
|
+ - emptyDir: {}
|
|
|
+ name: plugins
|
|
|
+---
|
|
|
+apiVersion: apps/v1
|
|
|
+kind: Deployment
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: server
|
|
|
+ app.kubernetes.io/name: argocd-server
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-server
|
|
|
+spec:
|
|
|
+ replicas: 2
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-server
|
|
|
+ template:
|
|
|
+ metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: argocd-server
|
|
|
+ spec:
|
|
|
+ affinity:
|
|
|
+ podAntiAffinity:
|
|
|
+ preferredDuringSchedulingIgnoredDuringExecution:
|
|
|
+ - podAffinityTerm:
|
|
|
+ labelSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-server
|
|
|
+ topologyKey: failure-domain.beta.kubernetes.io/zone
|
|
|
+ weight: 100
|
|
|
+ requiredDuringSchedulingIgnoredDuringExecution:
|
|
|
+ - labelSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-server
|
|
|
+ topologyKey: kubernetes.io/hostname
|
|
|
+ containers:
|
|
|
+ - command:
|
|
|
+ - argocd-server
|
|
|
+ - --insecure
|
|
|
+ - --redis
|
|
|
+ - argocd-redis-ha-haproxy:6379
|
|
|
+ env:
|
|
|
+ - name: ARGOCD_API_SERVER_REPLICAS
|
|
|
+ value: "2"
|
|
|
+ - name: ARGOCD_SERVER_INSECURE
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.insecure
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_BASEHREF
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.basehref
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_ROOTPATH
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.rootpath
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_LOGFORMAT
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.log.format
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_LOG_LEVEL
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.log.level
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_REPO_SERVER
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: repo.server
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_DEX_SERVER
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.dex.server
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_DISABLE_AUTH
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.disable.auth
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_ENABLE_GZIP
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.enable.gzip
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_REPO_SERVER_TIMEOUT_SECONDS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.repo.server.timeout.seconds
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_X_FRAME_OPTIONS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.x.frame.options
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_CONTENT_SECURITY_POLICY
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.content.security.policy
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_REPO_SERVER_PLAINTEXT
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.repo.server.plaintext
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_REPO_SERVER_STRICT_TLS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.repo.server.strict.tls
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_DEX_SERVER_PLAINTEXT
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.dex.server.plaintext
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_DEX_SERVER_STRICT_TLS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.dex.server.strict.tls
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_TLS_MIN_VERSION
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.tls.minversion
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_TLS_MAX_VERSION
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.tls.maxversion
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_TLS_CIPHERS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.tls.ciphers
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_CONNECTION_STATUS_CACHE_EXPIRATION
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.connection.status.cache.expiration
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_OIDC_CACHE_EXPIRATION
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.oidc.cache.expiration
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_LOGIN_ATTEMPTS_EXPIRATION
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.login.attempts.expiration
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_STATIC_ASSETS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.staticassets
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APP_STATE_CACHE_EXPIRATION
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.app.state.cache.expiration
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: REDIS_SERVER
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: redis.server
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: REDIS_COMPRESSION
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: redis.compression
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: REDISDB
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: redis.db
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_DEFAULT_CACHE_EXPIRATION
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.default.cache.expiration
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_MAX_COOKIE_NUMBER
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: server.http.cookie.maxnumber
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_SERVER_OTLP_ADDRESS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: otlp.address
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATION_NAMESPACES
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: application.namespaces
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ image: quay.io/argoproj/argocd:latest
|
|
|
+ imagePullPolicy: Always
|
|
|
+ livenessProbe:
|
|
|
+ httpGet:
|
|
|
+ path: /healthz?full=true
|
|
|
+ port: 8080
|
|
|
+ initialDelaySeconds: 3
|
|
|
+ periodSeconds: 30
|
|
|
+ timeoutSeconds: 5
|
|
|
+ name: argocd-server
|
|
|
+ ports:
|
|
|
+ - containerPort: 8080
|
|
|
+ - containerPort: 8083
|
|
|
+ readinessProbe:
|
|
|
+ httpGet:
|
|
|
+ path: /healthz
|
|
|
+ port: 8080
|
|
|
+ initialDelaySeconds: 3
|
|
|
+ periodSeconds: 30
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - ALL
|
|
|
+ readOnlyRootFilesystem: true
|
|
|
+ runAsNonRoot: true
|
|
|
+ seccompProfile:
|
|
|
+ type: RuntimeDefault
|
|
|
+ volumeMounts:
|
|
|
+ - mountPath: /app/config/ssh
|
|
|
+ name: ssh-known-hosts
|
|
|
+ - mountPath: /app/config/tls
|
|
|
+ name: tls-certs
|
|
|
+ - mountPath: /app/config/server/tls
|
|
|
+ name: argocd-repo-server-tls
|
|
|
+ - mountPath: /app/config/dex/tls
|
|
|
+ name: argocd-dex-server-tls
|
|
|
+ - mountPath: /home/argocd
|
|
|
+ name: plugins-home
|
|
|
+ - mountPath: /tmp
|
|
|
+ name: tmp
|
|
|
+ serviceAccountName: argocd-server
|
|
|
+ volumes:
|
|
|
+ - emptyDir: {}
|
|
|
+ name: plugins-home
|
|
|
+ - emptyDir: {}
|
|
|
+ name: tmp
|
|
|
+ - configMap:
|
|
|
+ name: argocd-ssh-known-hosts-cm
|
|
|
+ name: ssh-known-hosts
|
|
|
+ - configMap:
|
|
|
+ name: argocd-tls-certs-cm
|
|
|
+ name: tls-certs
|
|
|
+ - name: argocd-repo-server-tls
|
|
|
+ secret:
|
|
|
+ items:
|
|
|
+ - key: tls.crt
|
|
|
+ path: tls.crt
|
|
|
+ - key: tls.key
|
|
|
+ path: tls.key
|
|
|
+ - key: ca.crt
|
|
|
+ path: ca.crt
|
|
|
+ optional: true
|
|
|
+ secretName: argocd-repo-server-tls
|
|
|
+ - name: argocd-dex-server-tls
|
|
|
+ secret:
|
|
|
+ items:
|
|
|
+ - key: tls.crt
|
|
|
+ path: tls.crt
|
|
|
+ - key: ca.crt
|
|
|
+ path: ca.crt
|
|
|
+ optional: true
|
|
|
+ secretName: argocd-dex-server-tls
|
|
|
+---
|
|
|
+apiVersion: apps/v1
|
|
|
+kind: StatefulSet
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: application-controller
|
|
|
+ app.kubernetes.io/name: argocd-application-controller
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-application-controller
|
|
|
+spec:
|
|
|
+ replicas: 1
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-application-controller
|
|
|
+ serviceName: argocd-application-controller
|
|
|
+ template:
|
|
|
+ metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: argocd-application-controller
|
|
|
+ spec:
|
|
|
+ affinity:
|
|
|
+ podAntiAffinity:
|
|
|
+ preferredDuringSchedulingIgnoredDuringExecution:
|
|
|
+ - podAffinityTerm:
|
|
|
+ labelSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-application-controller
|
|
|
+ topologyKey: kubernetes.io/hostname
|
|
|
+ weight: 100
|
|
|
+ - podAffinityTerm:
|
|
|
+ labelSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ topologyKey: kubernetes.io/hostname
|
|
|
+ weight: 5
|
|
|
+ containers:
|
|
|
+ - command:
|
|
|
+ - argocd-application-controller
|
|
|
+ - --redis
|
|
|
+ - argocd-redis-ha-haproxy:6379
|
|
|
+ env:
|
|
|
+ - name: ARGOCD_CONTROLLER_REPLICAS
|
|
|
+ value: "1"
|
|
|
+ - name: ARGOCD_RECONCILIATION_TIMEOUT
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: timeout.reconciliation
|
|
|
+ name: argocd-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_HARD_RECONCILIATION_TIMEOUT
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: timeout.hard.reconciliation
|
|
|
+ name: argocd-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: repo.server
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: controller.repo.server.timeout.seconds
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATION_CONTROLLER_STATUS_PROCESSORS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: controller.status.processors
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATION_CONTROLLER_OPERATION_PROCESSORS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: controller.operation.processors
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATION_CONTROLLER_LOGFORMAT
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: controller.log.format
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATION_CONTROLLER_LOGLEVEL
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: controller.log.level
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATION_CONTROLLER_METRICS_CACHE_EXPIRATION
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: controller.metrics.cache.expiration
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_TIMEOUT_SECONDS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: controller.self.heal.timeout.seconds
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_PLAINTEXT
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: controller.repo.server.plaintext
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_STRICT_TLS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: controller.repo.server.strict.tls
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATION_CONTROLLER_PERSIST_RESOURCE_HEALTH
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: controller.resource.health.persist
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APP_STATE_CACHE_EXPIRATION
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: controller.app.state.cache.expiration
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: REDIS_SERVER
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: redis.server
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: REDIS_COMPRESSION
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: redis.compression
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: REDISDB
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: redis.db
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_DEFAULT_CACHE_EXPIRATION
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: controller.default.cache.expiration
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_ADDRESS
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: otlp.address
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ - name: ARGOCD_APPLICATION_NAMESPACES
|
|
|
+ valueFrom:
|
|
|
+ configMapKeyRef:
|
|
|
+ key: application.namespaces
|
|
|
+ name: argocd-cmd-params-cm
|
|
|
+ optional: true
|
|
|
+ image: quay.io/argoproj/argocd:latest
|
|
|
+ imagePullPolicy: Always
|
|
|
+ name: argocd-application-controller
|
|
|
+ ports:
|
|
|
+ - containerPort: 8082
|
|
|
+ readinessProbe:
|
|
|
+ httpGet:
|
|
|
+ path: /healthz
|
|
|
+ port: 8082
|
|
|
+ initialDelaySeconds: 5
|
|
|
+ periodSeconds: 10
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - ALL
|
|
|
+ readOnlyRootFilesystem: true
|
|
|
+ runAsNonRoot: true
|
|
|
+ seccompProfile:
|
|
|
+ type: RuntimeDefault
|
|
|
+ volumeMounts:
|
|
|
+ - mountPath: /app/config/controller/tls
|
|
|
+ name: argocd-repo-server-tls
|
|
|
+ - mountPath: /home/argocd
|
|
|
+ name: argocd-home
|
|
|
+ workingDir: /home/argocd
|
|
|
+ serviceAccountName: argocd-application-controller
|
|
|
+ volumes:
|
|
|
+ - emptyDir: {}
|
|
|
+ name: argocd-home
|
|
|
+ - name: argocd-repo-server-tls
|
|
|
+ secret:
|
|
|
+ items:
|
|
|
+ - key: tls.crt
|
|
|
+ path: tls.crt
|
|
|
+ - key: tls.key
|
|
|
+ path: tls.key
|
|
|
+ - key: ca.crt
|
|
|
+ path: ca.crt
|
|
|
+ optional: true
|
|
|
+ secretName: argocd-repo-server-tls
|
|
|
+---
|
|
|
+apiVersion: apps/v1
|
|
|
+kind: StatefulSet
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/component: redis
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ app.kubernetes.io/part-of: argocd
|
|
|
+ name: argocd-redis-ha-server
|
|
|
+spec:
|
|
|
+ podManagementPolicy: OrderedReady
|
|
|
+ replicas: 3
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ serviceName: argocd-redis-ha
|
|
|
+ template:
|
|
|
+ metadata:
|
|
|
+ annotations:
|
|
|
+ checksum/init-config: 84ccf6a9b8a7fa3ae5b62a8f17d6c65a5197e9605da9b2761179bf942828eefe
|
|
|
+ labels:
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ spec:
|
|
|
+ affinity:
|
|
|
+ podAntiAffinity:
|
|
|
+ requiredDuringSchedulingIgnoredDuringExecution:
|
|
|
+ - labelSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ topologyKey: kubernetes.io/hostname
|
|
|
+ automountServiceAccountToken: false
|
|
|
+ containers:
|
|
|
+ - args:
|
|
|
+ - /data/conf/redis.conf
|
|
|
+ command:
|
|
|
+ - redis-server
|
|
|
+ image: redis:7.0.5-alpine
|
|
|
+ imagePullPolicy: IfNotPresent
|
|
|
+ lifecycle:
|
|
|
+ preStop:
|
|
|
+ exec:
|
|
|
+ command:
|
|
|
+ - /bin/sh
|
|
|
+ - /readonly-config/trigger-failover-if-master.sh
|
|
|
+ livenessProbe:
|
|
|
+ exec:
|
|
|
+ command:
|
|
|
+ - sh
|
|
|
+ - -c
|
|
|
+ - /health/redis_liveness.sh
|
|
|
+ failureThreshold: 5
|
|
|
+ initialDelaySeconds: 30
|
|
|
+ periodSeconds: 15
|
|
|
+ successThreshold: 1
|
|
|
+ timeoutSeconds: 15
|
|
|
+ name: redis
|
|
|
+ ports:
|
|
|
+ - containerPort: 6379
|
|
|
+ name: redis
|
|
|
+ readinessProbe:
|
|
|
+ exec:
|
|
|
+ command:
|
|
|
+ - sh
|
|
|
+ - -c
|
|
|
+ - /health/redis_readiness.sh
|
|
|
+ failureThreshold: 5
|
|
|
+ initialDelaySeconds: 30
|
|
|
+ periodSeconds: 15
|
|
|
+ successThreshold: 1
|
|
|
+ timeoutSeconds: 15
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - ALL
|
|
|
+ seccompProfile:
|
|
|
+ type: RuntimeDefault
|
|
|
+ volumeMounts:
|
|
|
+ - mountPath: /readonly-config
|
|
|
+ name: config
|
|
|
+ readOnly: true
|
|
|
+ - mountPath: /data
|
|
|
+ name: data
|
|
|
+ - mountPath: /health
|
|
|
+ name: health
|
|
|
+ - args:
|
|
|
+ - /data/conf/sentinel.conf
|
|
|
+ command:
|
|
|
+ - redis-sentinel
|
|
|
+ image: redis:7.0.5-alpine
|
|
|
+ imagePullPolicy: IfNotPresent
|
|
|
+ lifecycle: {}
|
|
|
+ livenessProbe:
|
|
|
+ exec:
|
|
|
+ command:
|
|
|
+ - sh
|
|
|
+ - -c
|
|
|
+ - /health/sentinel_liveness.sh
|
|
|
+ failureThreshold: 5
|
|
|
+ initialDelaySeconds: 30
|
|
|
+ periodSeconds: 15
|
|
|
+ successThreshold: 1
|
|
|
+ timeoutSeconds: 15
|
|
|
+ name: sentinel
|
|
|
+ ports:
|
|
|
+ - containerPort: 26379
|
|
|
+ name: sentinel
|
|
|
+ readinessProbe:
|
|
|
+ exec:
|
|
|
+ command:
|
|
|
+ - sh
|
|
|
+ - -c
|
|
|
+ - /health/sentinel_liveness.sh
|
|
|
+ failureThreshold: 5
|
|
|
+ initialDelaySeconds: 30
|
|
|
+ periodSeconds: 15
|
|
|
+ successThreshold: 3
|
|
|
+ timeoutSeconds: 15
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - ALL
|
|
|
+ seccompProfile:
|
|
|
+ type: RuntimeDefault
|
|
|
+ volumeMounts:
|
|
|
+ - mountPath: /data
|
|
|
+ name: data
|
|
|
+ - mountPath: /health
|
|
|
+ name: health
|
|
|
+ - args:
|
|
|
+ - /readonly-config/fix-split-brain.sh
|
|
|
+ command:
|
|
|
+ - sh
|
|
|
+ env:
|
|
|
+ - name: SENTINEL_ID_0
|
|
|
+ value: 3c0d9c0320bb34888c2df5757c718ce6ca992ce6
|
|
|
+ - name: SENTINEL_ID_1
|
|
|
+ value: 40000915ab58c3fa8fd888fb8b24711944e6cbb4
|
|
|
+ - name: SENTINEL_ID_2
|
|
|
+ value: 2bbec7894d954a8af3bb54d13eaec53cb024e2ca
|
|
|
+ image: redis:7.0.5-alpine
|
|
|
+ imagePullPolicy: IfNotPresent
|
|
|
+ name: split-brain-fix
|
|
|
+ resources: {}
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - ALL
|
|
|
+ seccompProfile:
|
|
|
+ type: RuntimeDefault
|
|
|
+ volumeMounts:
|
|
|
+ - mountPath: /readonly-config
|
|
|
+ name: config
|
|
|
+ readOnly: true
|
|
|
+ - mountPath: /data
|
|
|
+ name: data
|
|
|
+ initContainers:
|
|
|
+ - args:
|
|
|
+ - /readonly-config/init.sh
|
|
|
+ command:
|
|
|
+ - sh
|
|
|
+ env:
|
|
|
+ - name: SENTINEL_ID_0
|
|
|
+ value: 3c0d9c0320bb34888c2df5757c718ce6ca992ce6
|
|
|
+ - name: SENTINEL_ID_1
|
|
|
+ value: 40000915ab58c3fa8fd888fb8b24711944e6cbb4
|
|
|
+ - name: SENTINEL_ID_2
|
|
|
+ value: 2bbec7894d954a8af3bb54d13eaec53cb024e2ca
|
|
|
+ image: redis:7.0.5-alpine
|
|
|
+ imagePullPolicy: IfNotPresent
|
|
|
+ name: config-init
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - ALL
|
|
|
+ seccompProfile:
|
|
|
+ type: RuntimeDefault
|
|
|
+ volumeMounts:
|
|
|
+ - mountPath: /readonly-config
|
|
|
+ name: config
|
|
|
+ readOnly: true
|
|
|
+ - mountPath: /data
|
|
|
+ name: data
|
|
|
+ securityContext:
|
|
|
+ fsGroup: 1000
|
|
|
+ runAsNonRoot: true
|
|
|
+ runAsUser: 1000
|
|
|
+ serviceAccountName: argocd-redis-ha
|
|
|
+ terminationGracePeriodSeconds: 60
|
|
|
+ volumes:
|
|
|
+ - configMap:
|
|
|
+ name: argocd-redis-ha-configmap
|
|
|
+ name: config
|
|
|
+ - configMap:
|
|
|
+ defaultMode: 493
|
|
|
+ name: argocd-redis-ha-health-configmap
|
|
|
+ name: health
|
|
|
+ - emptyDir: {}
|
|
|
+ name: data
|
|
|
+ updateStrategy:
|
|
|
+ type: RollingUpdate
|
|
|
+---
|
|
|
+apiVersion: networking.k8s.io/v1
|
|
|
+kind: NetworkPolicy
|
|
|
+metadata:
|
|
|
+ name: argocd-application-controller-network-policy
|
|
|
+spec:
|
|
|
+ ingress:
|
|
|
+ - from:
|
|
|
+ - namespaceSelector: {}
|
|
|
+ ports:
|
|
|
+ - port: 8082
|
|
|
+ podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-application-controller
|
|
|
+ policyTypes:
|
|
|
+ - Ingress
|
|
|
+---
|
|
|
+apiVersion: networking.k8s.io/v1
|
|
|
+kind: NetworkPolicy
|
|
|
+metadata:
|
|
|
+ name: argocd-applicationset-controller-network-policy
|
|
|
+spec:
|
|
|
+ ingress:
|
|
|
+ - from:
|
|
|
+ - namespaceSelector: {}
|
|
|
+ ports:
|
|
|
+ - port: 7000
|
|
|
+ protocol: TCP
|
|
|
+ - port: 8080
|
|
|
+ protocol: TCP
|
|
|
+ podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-applicationset-controller
|
|
|
+ policyTypes:
|
|
|
+ - Ingress
|
|
|
+---
|
|
|
+apiVersion: networking.k8s.io/v1
|
|
|
+kind: NetworkPolicy
|
|
|
+metadata:
|
|
|
+ name: argocd-dex-server-network-policy
|
|
|
+spec:
|
|
|
+ ingress:
|
|
|
+ - from:
|
|
|
+ - podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-server
|
|
|
+ ports:
|
|
|
+ - port: 5556
|
|
|
+ protocol: TCP
|
|
|
+ - port: 5557
|
|
|
+ protocol: TCP
|
|
|
+ - from:
|
|
|
+ - namespaceSelector: {}
|
|
|
+ ports:
|
|
|
+ - port: 5558
|
|
|
+ protocol: TCP
|
|
|
+ podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-dex-server
|
|
|
+ policyTypes:
|
|
|
+ - Ingress
|
|
|
+---
|
|
|
+apiVersion: networking.k8s.io/v1
|
|
|
+kind: NetworkPolicy
|
|
|
+metadata:
|
|
|
+ name: argocd-notifications-controller-network-policy
|
|
|
+spec:
|
|
|
+ ingress:
|
|
|
+ - from:
|
|
|
+ - namespaceSelector: {}
|
|
|
+ ports:
|
|
|
+ - port: 9001
|
|
|
+ protocol: TCP
|
|
|
+ podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-notifications-controller
|
|
|
+ policyTypes:
|
|
|
+ - Ingress
|
|
|
+---
|
|
|
+apiVersion: networking.k8s.io/v1
|
|
|
+kind: NetworkPolicy
|
|
|
+metadata:
|
|
|
+ name: argocd-redis-ha-proxy-network-policy
|
|
|
+spec:
|
|
|
+ egress:
|
|
|
+ - ports:
|
|
|
+ - port: 6379
|
|
|
+ protocol: TCP
|
|
|
+ - port: 26379
|
|
|
+ protocol: TCP
|
|
|
+ to:
|
|
|
+ - podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ - ports:
|
|
|
+ - port: 53
|
|
|
+ protocol: UDP
|
|
|
+ - port: 53
|
|
|
+ protocol: TCP
|
|
|
+ ingress:
|
|
|
+ - from:
|
|
|
+ - podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-server
|
|
|
+ - podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-repo-server
|
|
|
+ - podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-application-controller
|
|
|
+ ports:
|
|
|
+ - port: 6379
|
|
|
+ protocol: TCP
|
|
|
+ - port: 26379
|
|
|
+ protocol: TCP
|
|
|
+ podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha-haproxy
|
|
|
+ policyTypes:
|
|
|
+ - Ingress
|
|
|
+ - Egress
|
|
|
+---
|
|
|
+apiVersion: networking.k8s.io/v1
|
|
|
+kind: NetworkPolicy
|
|
|
+metadata:
|
|
|
+ name: argocd-redis-ha-server-network-policy
|
|
|
+spec:
|
|
|
+ egress:
|
|
|
+ - ports:
|
|
|
+ - port: 6379
|
|
|
+ protocol: TCP
|
|
|
+ - port: 26379
|
|
|
+ protocol: TCP
|
|
|
+ to:
|
|
|
+ - podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ - ports:
|
|
|
+ - port: 53
|
|
|
+ protocol: UDP
|
|
|
+ - port: 53
|
|
|
+ protocol: TCP
|
|
|
+ ingress:
|
|
|
+ - from:
|
|
|
+ - podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha-haproxy
|
|
|
+ - podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ ports:
|
|
|
+ - port: 6379
|
|
|
+ protocol: TCP
|
|
|
+ - port: 26379
|
|
|
+ protocol: TCP
|
|
|
+ podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-redis-ha
|
|
|
+ policyTypes:
|
|
|
+ - Ingress
|
|
|
+ - Egress
|
|
|
+---
|
|
|
+apiVersion: networking.k8s.io/v1
|
|
|
+kind: NetworkPolicy
|
|
|
+metadata:
|
|
|
+ name: argocd-repo-server-network-policy
|
|
|
+spec:
|
|
|
+ ingress:
|
|
|
+ - from:
|
|
|
+ - podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-server
|
|
|
+ - podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-application-controller
|
|
|
+ - podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-notifications-controller
|
|
|
+ ports:
|
|
|
+ - port: 8081
|
|
|
+ protocol: TCP
|
|
|
+ - from:
|
|
|
+ - namespaceSelector: {}
|
|
|
+ ports:
|
|
|
+ - port: 8084
|
|
|
+ podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-repo-server
|
|
|
+ policyTypes:
|
|
|
+ - Ingress
|
|
|
+---
|
|
|
+apiVersion: networking.k8s.io/v1
|
|
|
+kind: NetworkPolicy
|
|
|
+metadata:
|
|
|
+ name: argocd-server-network-policy
|
|
|
+spec:
|
|
|
+ ingress:
|
|
|
+ - {}
|
|
|
+ podSelector:
|
|
|
+ matchLabels:
|
|
|
+ app.kubernetes.io/name: argocd-server
|
|
|
+ policyTypes:
|
|
|
+ - Ingress
|
|
|
+---
|
|
|
+apiVersion: traefik.containo.us/v1alpha1
|
|
|
+kind: IngressRoute
|
|
|
+metadata:
|
|
|
+ name: argocd-server
|
|
|
+ namespace: argocd
|
|
|
+spec:
|
|
|
+ entryPoints:
|
|
|
+ - websecure
|
|
|
+ routes:
|
|
|
+ - match: Host(`argocd.dezendorf.net`)
|
|
|
+ kind: Rule
|
|
|
+ priority: 10
|
|
|
+ services:
|
|
|
+ - name: argocd-server
|
|
|
+ port: 80
|
|
|
+ - match: Host(`argocd.dezendorf.net`) && Headers(`Content-Type`, `application/grpc`)
|
|
|
+ kind: Rule
|
|
|
+ priority: 20
|
|
|
+ services:
|
|
|
+ - name: argocd-server
|
|
|
+ port: 80
|
|
|
+ scheme: h2c
|
|
|
+ tls:
|
|
|
+ certResolver: myresolver
|
|
|
+---
|
|
|
+apiVersion: traefik.containo.us/v1alpha1
|
|
|
+kind: IngressRoute
|
|
|
+metadata:
|
|
|
+ name: argocd-redirect
|
|
|
+ namespace: argocd
|
|
|
+spec:
|
|
|
+ entryPoints:
|
|
|
+ - web
|
|
|
+ routes:
|
|
|
+ - match: Host(`argocd.dezendorf.net`) || Host(`argo`)
|
|
|
+ kind: Rule
|
|
|
+ middlewares:
|
|
|
+ - name: redirecthttps
|
|
|
+ services:
|
|
|
+ - name: argocd-server
|
|
|
+ port: 80
|
