diff --git a/.github/workflows/cd-pipeline.yml b/.github/workflows/cd-pipeline.yml index 650886fa8ac440..8d8bda015dd97a 100644 --- a/.github/workflows/cd-pipeline.yml +++ b/.github/workflows/cd-pipeline.yml @@ -21,7 +21,7 @@ jobs: chart: ${{ steps.get-chart.outputs.chart }} result: ${{ steps.get-chart.outputs.result }} steps: - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 with: path: charts fetch-depth: 2 # to be able to obtain files changed in the latest commit @@ -71,7 +71,7 @@ jobs: CSP_API_TOKEN: ${{ secrets.CSP_API_TOKEN }} VIB_PUBLIC_URL: https://cp.bromelia.vmware.com steps: - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 name: Checkout Repository with: path: charts @@ -95,7 +95,7 @@ jobs: with: path: ~/artifacts # If we perform a checkout of the main branch, we will find conflicts with the submodules - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 with: ref: 'index' path: index @@ -105,6 +105,8 @@ jobs: run: | HELM_TARBALL="helm-v3.8.1-linux-amd64.tar.gz" curl -SsLfO "https://get.helm.sh/${HELM_TARBALL}" && sudo tar xf "$HELM_TARBALL" --strip-components 1 -C /usr/local/bin + # Install file plugin + helm plugin add https://github.com/zoobab/helm_file_repo - id: update-index name: Fetch chart and update index env: @@ -145,6 +147,12 @@ jobs: echo "New index.yaml file is shorter than the current one" exit 1 fi + # Adding tmp file as a helm repo + if ! helm repo add cache file://../download/ ; then + echo "New index.yaml file can't be indexed" + exit 1 + fi + cp ../download/index.yaml bitnami/index.yaml # Push changes diff --git a/.github/workflows/ci-pipeline.yml b/.github/workflows/ci-pipeline.yml index 7294305fe2e7a5..1c296be1abee79 100644 --- a/.github/workflows/ci-pipeline.yml +++ b/.github/workflows/ci-pipeline.yml @@ -100,7 +100,7 @@ jobs: if: needs.get-chart.outputs.result == 'ok' steps: - name: Checkout bitnami/charts - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 with: ref: ${{github.event.pull_request.head.ref}} repository: ${{github.event.pull_request.head.repo.full_name}} @@ -270,7 +270,7 @@ jobs: ) name: VIB Verify steps: - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 name: Checkout Repository with: ref: ${{ github.event.pull_request.head.ref }} diff --git a/.github/workflows/license-headers.yml b/.github/workflows/license-headers.yml index 6d8e3a3ad71807..78b592a6012dbe 100644 --- a/.github/workflows/license-headers.yml +++ b/.github/workflows/license-headers.yml @@ -19,7 +19,7 @@ jobs: contents: read pull-requests: write steps: - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 name: Checkout Repository with: ref: ${{ github.event.pull_request.head.ref }} diff --git a/.github/workflows/markdown-linter.yml b/.github/workflows/markdown-linter.yml index f7b5f97cb1f1d6..feb15366b4bd7f 100644 --- a/.github/workflows/markdown-linter.yml +++ b/.github/workflows/markdown-linter.yml @@ -19,7 +19,7 @@ jobs: - name: Install mardownlint run: npm install -g markdownlint-cli@0.33.0 - name: Checkout project - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 - name: Execute markdownlint env: DIFF_URL: "${{github.event.pull_request.diff_url}}" diff --git a/bitnami/airflow/Chart.lock b/bitnami/airflow/Chart.lock index 36898663c2040e..a3e23a90af8493 100644 --- a/bitnami/airflow/Chart.lock +++ b/bitnami/airflow/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: redis repository: oci://registry-1.docker.io/bitnamicharts - version: 19.3.1 + version: 19.3.2 - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 15.3.1 + version: 15.3.2 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:fabff0ead749d34e71b1d91c0a88b7df583a2e678070b920fbf256b313dbc5c0 -generated: "2024-05-13T16:19:43.191158676Z" +digest: sha256:141d5a1d20c29e9489a7681a919419731608135a9fc5af912c304ff1a7bed64f +generated: "2024-05-17T13:20:55.345544+02:00" diff --git a/bitnami/airflow/Chart.yaml b/bitnami/airflow/Chart.yaml index 0005afa2535db1..da8cc53e8692c8 100644 --- a/bitnami/airflow/Chart.yaml +++ b/bitnami/airflow/Chart.yaml @@ -47,4 +47,4 @@ maintainers: name: airflow sources: - https://github.com/bitnami/charts/tree/main/bitnami/airflow -version: 18.0.10 +version: 18.1.0 diff --git a/bitnami/airflow/README.md b/bitnami/airflow/README.md index 7b76d61d829e41..dcbf253ae57eff 100644 --- a/bitnami/airflow/README.md +++ b/bitnami/airflow/README.md @@ -378,6 +378,12 @@ The Bitnami Airflow chart relies on the PostgreSQL chart persistence. This means | `scheduler.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `15` | | `scheduler.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | | `scheduler.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `scheduler.startupProbe.enabled` | Enable startupProbe on Airflow scheduler containers | `false` | +| `scheduler.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `60` | +| `scheduler.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `scheduler.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `scheduler.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `scheduler.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | | `scheduler.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | | `scheduler.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | | `scheduler.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | diff --git a/bitnami/airflow/templates/scheduler/deployment.yaml b/bitnami/airflow/templates/scheduler/deployment.yaml index 2a26e2561ea8b6..7a387ef7c0428d 100644 --- a/bitnami/airflow/templates/scheduler/deployment.yaml +++ b/bitnami/airflow/templates/scheduler/deployment.yaml @@ -186,7 +186,7 @@ spec: - /bin/bash - -ec - | - airflow jobs check --job-type SchedulerJob --local {{- if not .Values.diagnosticMode.enabled }} 2>/dev/null {{- end }} + CONNECTION_CHECK_MAX_COUNT=0 airflow jobs check --job-type SchedulerJob --local {{- if not .Values.diagnosticMode.enabled }} 2>/dev/null {{- end }} {{- end }} {{- if .Values.scheduler.customReadinessProbe }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.scheduler.customReadinessProbe "context" $) | trim | nindent 12 }} @@ -201,6 +201,14 @@ spec: {{- end }} {{- if .Values.scheduler.customStartupProbe }} startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.scheduler.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.scheduler.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.scheduler.livenessProbe "enabled") "context" $) | nindent 12 }} + exec: + command: + - /bin/bash + - -ec + - | + CONNECTION_CHECK_MAX_COUNT=0 airflow jobs check --job-type SchedulerJob --local {{- if not .Values.diagnosticMode.enabled }} 2>/dev/null {{- end }} {{- end }} {{- end }} {{- if .Values.scheduler.lifecycleHooks }} diff --git a/bitnami/airflow/templates/web/deployment.yaml b/bitnami/airflow/templates/web/deployment.yaml index 2650df7b048d55..5da95631e98789 100644 --- a/bitnami/airflow/templates/web/deployment.yaml +++ b/bitnami/airflow/templates/web/deployment.yaml @@ -235,14 +235,11 @@ spec: livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.web.customLivenessProbe "context" $) | nindent 12 }} {{- else if .Values.web.livenessProbe.enabled }} livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.web.livenessProbe "enabled") "context" $) | nindent 12 }} - {{- if include "airflow.baseUrl" . }} - tcpSocket: - port: http - {{- else }} - httpGet: - path: /health - port: http - {{- end }} + exec: + command: + - pgrep + - -f + - airflow-webserver {{- end }} {{- if .Values.web.customReadinessProbe }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.web.customReadinessProbe "context" $) | nindent 12 }} diff --git a/bitnami/airflow/templates/worker/statefulset.yaml b/bitnami/airflow/templates/worker/statefulset.yaml index 1f911e70aa0d9e..a279d9ed1637bf 100644 --- a/bitnami/airflow/templates/worker/statefulset.yaml +++ b/bitnami/airflow/templates/worker/statefulset.yaml @@ -195,8 +195,13 @@ spec: livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.worker.customLivenessProbe "context" $) | nindent 12 }} {{- else if .Values.worker.livenessProbe.enabled }} livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.worker.livenessProbe "enabled") "context" $) | nindent 12 }} - tcpSocket: - port: worker + exec: + command: + - sh + - -c + - | + source /opt/bitnami/airflow/venv/bin/activate && \ + CONNECTION_CHECK_MAX_COUNT=0 python -m celery --app airflow.providers.celery.executors.celery_executor.app inspect ping -d celery@$(hostname) {{- end }} {{- if .Values.worker.customReadinessProbe }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.worker.customReadinessProbe "context" $) | nindent 12 }} diff --git a/bitnami/airflow/values.yaml b/bitnami/airflow/values.yaml index 0ea5ed1abff07a..4903f0b96c1192 100644 --- a/bitnami/airflow/values.yaml +++ b/bitnami/airflow/values.yaml @@ -607,6 +607,20 @@ scheduler: timeoutSeconds: 15 failureThreshold: 6 successThreshold: 1 + ## @param scheduler.startupProbe.enabled Enable startupProbe on Airflow scheduler containers + ## @param scheduler.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe + ## @param scheduler.startupProbe.periodSeconds Period seconds for startupProbe + ## @param scheduler.startupProbe.timeoutSeconds Timeout seconds for startupProbe + ## @param scheduler.startupProbe.failureThreshold Failure threshold for startupProbe + ## @param scheduler.startupProbe.successThreshold Success threshold for startupProbe + ## + startupProbe: + enabled: false + initialDelaySeconds: 60 + periodSeconds: 10 + timeoutSeconds: 1 + failureThreshold: 15 + successThreshold: 1 ## @param scheduler.customLivenessProbe Custom livenessProbe that overrides the default one ## customLivenessProbe: {} diff --git a/bitnami/apache/Chart.yaml b/bitnami/apache/Chart.yaml index 63c622780926fe..75c4a9126c91f1 100644 --- a/bitnami/apache/Chart.yaml +++ b/bitnami/apache/Chart.yaml @@ -10,7 +10,7 @@ annotations: - name: apache-exporter image: docker.io/bitnami/apache-exporter:1.0.7-debian-12-r8 - name: git - image: docker.io/bitnami/git:2.45.0-debian-12-r2 + image: docker.io/bitnami/git:2.45.1-debian-12-r0 apiVersion: v2 appVersion: 2.4.59 dependencies: @@ -35,4 +35,4 @@ maintainers: name: apache sources: - https://github.com/bitnami/charts/tree/main/bitnami/apache -version: 11.0.5 +version: 11.0.6 diff --git a/bitnami/apache/README.md b/bitnami/apache/README.md index 03450d5225235b..61045fad6c7147 100644 --- a/bitnami/apache/README.md +++ b/bitnami/apache/README.md @@ -181,7 +181,6 @@ As an alternative, you can use the preset configurations for pod affinity, pod | `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | | `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | | `livenessProbe.enabled` | Enable liveness probe | `true` | -| `livenessProbe.path` | Path to access on the HTTP server | `/` | | `livenessProbe.port` | Port for livenessProbe | `http` | | `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `180` | | `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | diff --git a/bitnami/apache/templates/deployment.yaml b/bitnami/apache/templates/deployment.yaml index 0fac544ac3e33b..bb9337aec538a5 100644 --- a/bitnami/apache/templates/deployment.yaml +++ b/bitnami/apache/templates/deployment.yaml @@ -214,8 +214,7 @@ spec: livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} {{- else if .Values.livenessProbe.enabled }} livenessProbe: - httpGet: - path: {{ .Values.livenessProbe.path }} + tcpSocket: port: {{ .Values.livenessProbe.port }} initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.livenessProbe.periodSeconds }} diff --git a/bitnami/apache/values.yaml b/bitnami/apache/values.yaml index 807b895f8d5a3c..64e631adcf2663 100644 --- a/bitnami/apache/values.yaml +++ b/bitnami/apache/values.yaml @@ -92,7 +92,7 @@ image: git: registry: docker.io repository: bitnami/git - tag: 2.45.0-debian-12-r2 + tag: 2.45.1-debian-12-r0 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -319,7 +319,6 @@ startupProbe: failureThreshold: 6 successThreshold: 1 ## @param livenessProbe.enabled Enable liveness probe -## @param livenessProbe.path Path to access on the HTTP server ## @param livenessProbe.port Port for livenessProbe ## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe ## @param livenessProbe.periodSeconds Period seconds for livenessProbe @@ -329,7 +328,6 @@ startupProbe: ## livenessProbe: enabled: true - path: "/" port: http initialDelaySeconds: 180 periodSeconds: 20 diff --git a/bitnami/apisix/Chart.lock b/bitnami/apisix/Chart.lock index a6b6079b2f8443..a1f72f762abe5e 100644 --- a/bitnami/apisix/Chart.lock +++ b/bitnami/apisix/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: etcd repository: oci://registry-1.docker.io/bitnamicharts - version: 10.0.7 + version: 10.0.10 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:13fe7681699d3911d977654994f33a1b528d043536086375ae2522a1f665f21b -generated: "2024-05-13T07:26:45.234443163Z" +digest: sha256:67be2c85795448f2ebc9c3fa18cf7a9c29910072878b114b7d1a59c87a7968b3 +generated: "2024-05-17T23:34:18.905404117Z" diff --git a/bitnami/apisix/Chart.yaml b/bitnami/apisix/Chart.yaml index 88ae146836338f..1677a3c20bce77 100644 --- a/bitnami/apisix/Chart.yaml +++ b/bitnami/apisix/Chart.yaml @@ -45,4 +45,4 @@ sources: - https://github.com/bitnami/charts/tree/main/bitnami/apisix - https://github.com/bitnami/charts/tree/main/bitnami/apisix-dashboard - https://github.com/bitnami/charts/tree/main/bitnami/apisix-ingress-controller -version: 3.0.5 +version: 3.0.6 diff --git a/bitnami/appsmith/Chart.lock b/bitnami/appsmith/Chart.lock index 7a327cd4bcf5a9..10481f2a796faf 100644 --- a/bitnami/appsmith/Chart.lock +++ b/bitnami/appsmith/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: redis repository: oci://registry-1.docker.io/bitnamicharts - version: 19.3.1 + version: 19.3.2 - name: mongodb repository: oci://registry-1.docker.io/bitnamicharts - version: 15.4.1 + version: 15.4.3 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:40e84d926e2a471ebfc368e9595ff80d9587cf283f478411a448d34f25aabcd4 -generated: "2024-05-13T20:35:43.006441083Z" +digest: sha256:b8ff7327fe728d5e8b6b84aa28da6c0c2fc74dbf2535e437b0056529af2f4df8 +generated: "2024-05-16T13:17:13.880129664Z" diff --git a/bitnami/appsmith/Chart.yaml b/bitnami/appsmith/Chart.yaml index 69ac0175a6d74a..4e127e26d0c695 100644 --- a/bitnami/appsmith/Chart.yaml +++ b/bitnami/appsmith/Chart.yaml @@ -6,13 +6,13 @@ annotations: licenses: Apache-2.0 images: | - name: appsmith - image: docker.io/bitnami/appsmith:1.24.1-debian-12-r1 + image: docker.io/bitnami/appsmith:1.25.0-debian-12-r0 - name: haproxy - image: docker.io/bitnami/haproxy:2.9.7-debian-12-r4 + image: docker.io/bitnami/haproxy:2.9.7-debian-12-r5 - name: os-shell image: docker.io/bitnami/os-shell:12-debian-12-r21 apiVersion: v2 -appVersion: 1.24.1 +appVersion: 1.25.0 dependencies: - condition: redis.enabled name: redis @@ -39,4 +39,4 @@ maintainers: name: appsmith sources: - https://github.com/bitnami/charts/tree/main/bitnami/appsmith -version: 3.1.8 +version: 3.1.10 diff --git a/bitnami/appsmith/values.yaml b/bitnami/appsmith/values.yaml index 3c7aa627e4697e..65d2740b3a3539 100644 --- a/bitnami/appsmith/values.yaml +++ b/bitnami/appsmith/values.yaml @@ -82,7 +82,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/appsmith - tag: 1.24.1-debian-12-r1 + tag: 1.25.0-debian-12-r0 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -850,7 +850,7 @@ backend: image: registry: docker.io repository: bitnami/haproxy - tag: 2.9.7-debian-12-r4 + tag: 2.9.7-debian-12-r5 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/bitnami/argo-workflows/Chart.lock b/bitnami/argo-workflows/Chart.lock index 24dbd0bb1f47b5..9b2a1cdb094f23 100644 --- a/bitnami/argo-workflows/Chart.lock +++ b/bitnami/argo-workflows/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 15.3.1 + version: 15.3.2 - name: mysql repository: oci://registry-1.docker.io/bitnamicharts - version: 10.2.2 + version: 10.2.4 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:b763ba42104c1f035954e954e8fbba381ac37ead9cefdc41cc2126dda92c626e -generated: "2024-05-13T19:30:08.152561912Z" +digest: sha256:cbf7f7ee2dc5eb03ad56e0af79f56294ec7bc5bfa10726abb67de1f0c358fa8d +generated: "2024-05-17T23:44:39.462348354Z" diff --git a/bitnami/argo-workflows/Chart.yaml b/bitnami/argo-workflows/Chart.yaml index b3bf723c430dfb..6180067dc413ed 100644 --- a/bitnami/argo-workflows/Chart.yaml +++ b/bitnami/argo-workflows/Chart.yaml @@ -42,4 +42,4 @@ maintainers: name: argo-workflows sources: - https://github.com/bitnami/charts/tree/main/bitnami/argo-workflows -version: 8.0.9 +version: 8.0.10 diff --git a/bitnami/aspnet-core/Chart.yaml b/bitnami/aspnet-core/Chart.yaml index 865e4a315dc801..0e30dbbc8d9343 100644 --- a/bitnami/aspnet-core/Chart.yaml +++ b/bitnami/aspnet-core/Chart.yaml @@ -31,4 +31,4 @@ maintainers: name: aspnet-core sources: - https://github.com/bitnami/charts/tree/main/bitnami/aspnet-core -version: 6.0.6 +version: 6.0.7 diff --git a/bitnami/cassandra/Chart.yaml b/bitnami/cassandra/Chart.yaml index 8b5320307aef40..180c67ec92dde2 100644 --- a/bitnami/cassandra/Chart.yaml +++ b/bitnami/cassandra/Chart.yaml @@ -32,4 +32,4 @@ maintainers: name: cassandra sources: - https://github.com/bitnami/charts/tree/main/bitnami/cassandra -version: 11.1.6 +version: 11.1.7 diff --git a/bitnami/cert-manager/Chart.yaml b/bitnami/cert-manager/Chart.yaml index 332b3e3f06b14c..570531565ad349 100644 --- a/bitnami/cert-manager/Chart.yaml +++ b/bitnami/cert-manager/Chart.yaml @@ -35,4 +35,4 @@ maintainers: name: cert-manager sources: - https://github.com/bitnami/charts/tree/main/bitnami/cert-manager -version: 1.1.6 +version: 1.1.7 diff --git a/bitnami/clickhouse/Chart.yaml b/bitnami/clickhouse/Chart.yaml index 8a6d287824b0e0..f0b1eebb8d2b38 100644 --- a/bitnami/clickhouse/Chart.yaml +++ b/bitnami/clickhouse/Chart.yaml @@ -35,4 +35,4 @@ maintainers: name: clickhouse sources: - https://github.com/bitnami/charts/tree/main/bitnami/clickhouse -version: 6.0.6 +version: 6.0.7 diff --git a/bitnami/concourse/Chart.lock b/bitnami/concourse/Chart.lock index d53d9b0673b02a..dfac1a3e1e1361 100644 --- a/bitnami/concourse/Chart.lock +++ b/bitnami/concourse/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 15.2.5 + version: 15.3.2 - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.19.1 -digest: sha256:5978b053115f7c7caab93a9b4a48b66a49df39a0d3b827d0ef89c4c2a258eed5 -generated: "2024-04-21T15:03:23.980400494Z" + version: 2.19.2 +digest: sha256:a984dd4e016db01bc915fe672c3cc75b98898c9ec75685ae458440a85bbe0f4d +generated: "2024-05-18T03:32:17.258526414Z" diff --git a/bitnami/concourse/Chart.yaml b/bitnami/concourse/Chart.yaml index 706ab8753168c2..cae1f4f08b3f87 100644 --- a/bitnami/concourse/Chart.yaml +++ b/bitnami/concourse/Chart.yaml @@ -6,9 +6,9 @@ annotations: licenses: Apache-2.0 images: | - name: concourse - image: docker.io/bitnami/concourse:7.11.2-debian-12-r10 + image: docker.io/bitnami/concourse:7.11.2-debian-12-r12 - name: os-shell - image: docker.io/bitnami/os-shell:12-debian-12-r18 + image: docker.io/bitnami/os-shell:12-debian-12-r21 apiVersion: v2 appVersion: 7.11.2 dependencies: @@ -37,4 +37,4 @@ maintainers: name: concourse sources: - https://github.com/bitnami/charts/tree/main/bitnami/concourse -version: 4.0.1 +version: 4.0.2 diff --git a/bitnami/concourse/values.yaml b/bitnami/concourse/values.yaml index 96f1781d0122df..56b58214b30de2 100644 --- a/bitnami/concourse/values.yaml +++ b/bitnami/concourse/values.yaml @@ -77,7 +77,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/concourse - tag: 7.11.2-debian-12-r10 + tag: 7.11.2-debian-12-r12 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1396,7 +1396,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/os-shell - tag: 12-debian-12-r18 + tag: 12-debian-12-r21 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/bitnami/consul/Chart.yaml b/bitnami/consul/Chart.yaml index fc1d3bd4c3cd81..abea7cc970c939 100644 --- a/bitnami/consul/Chart.yaml +++ b/bitnami/consul/Chart.yaml @@ -6,13 +6,13 @@ annotations: licenses: Apache-2.0 images: | - name: consul - image: docker.io/bitnami/consul:1.18.1-debian-12-r13 + image: docker.io/bitnami/consul:1.18.2-debian-12-r0 - name: consul-exporter image: docker.io/bitnami/consul-exporter:0.12.0-debian-12-r4 - name: os-shell image: docker.io/bitnami/os-shell:12-debian-12-r21 apiVersion: v2 -appVersion: 1.18.1 +appVersion: 1.18.2 dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts @@ -32,4 +32,4 @@ maintainers: name: consul sources: - https://github.com/bitnami/charts/tree/main/bitnami/consul -version: 11.1.7 +version: 11.1.9 diff --git a/bitnami/consul/values.yaml b/bitnami/consul/values.yaml index 79c87a56bf518e..29cfc83af275f1 100644 --- a/bitnami/consul/values.yaml +++ b/bitnami/consul/values.yaml @@ -82,7 +82,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/consul - tag: 1.18.1-debian-12-r13 + tag: 1.18.2-debian-12-r0 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/bitnami/contour/Chart.yaml b/bitnami/contour/Chart.yaml index 72ed52c8c4c1ca..1b04e866977a08 100644 --- a/bitnami/contour/Chart.yaml +++ b/bitnami/contour/Chart.yaml @@ -6,13 +6,13 @@ annotations: licenses: Apache-2.0 images: | - name: contour - image: docker.io/bitnami/contour:1.28.4-debian-12-r2 + image: docker.io/bitnami/contour:1.29.0-debian-12-r0 - name: envoy - image: docker.io/bitnami/envoy:1.29.4-debian-12-r5 + image: docker.io/bitnami/envoy:1.29.4-debian-12-r6 - name: nginx - image: docker.io/bitnami/nginx:1.26.0-debian-12-r0 + image: docker.io/bitnami/nginx:1.26.0-debian-12-r1 apiVersion: v2 -appVersion: 1.28.4 +appVersion: 1.29.0 dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts @@ -32,4 +32,4 @@ maintainers: name: contour sources: - https://github.com/bitnami/charts/tree/main/bitnami/contour -version: 17.1.0 +version: 18.0.1 diff --git a/bitnami/contour/templates/crds/contour-crds.yaml b/bitnami/contour/templates/crds/contour-crds.yaml index ec2523f1eb6f81..dbccdbce71fc8b 100644 --- a/bitnami/contour/templates/crds/contour-crds.yaml +++ b/bitnami/contour/templates/crds/contour-crds.yaml @@ -1,5 +1,5 @@ # Source: https://raw.githubusercontent.com/projectcontour/contour/v{version}/examples/contour/01-crds.yaml -# Version: 1.28.4 +# Version: 1.29.0 # Conditional: .Values.contour.manageCRDs {{- if .Values.contour.manageCRDs }} --- @@ -7,7 +7,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: contourconfigurations.projectcontour.io spec: preserveUnknownFields: false @@ -604,9 +604,9 @@ spec: description: |- FeatureFlags defines toggle to enable new contour features. Available toggles are: - useEndpointSlices - configures contour to fetch endpoint data - from k8s endpoint slices. defaults to false and reading endpoint - data from the k8s endpoints. + useEndpointSlices - Configures contour to fetch endpoint data + from k8s endpoint slices. defaults to true, + If false then reads endpoint data from the k8s endpoints. items: type: string type: array @@ -615,22 +615,10 @@ spec: Gateway contains parameters for the gateway-api Gateway that Contour is configured to serve traffic. properties: - controllerName: - description: |- - ControllerName is used to determine whether Contour should reconcile a - GatewayClass. The string takes the form of "projectcontour.io//contour". - If unset, the gatewayclass controller will not be started. - Exactly one of ControllerName or GatewayRef must be set. - Deprecated: users should use GatewayRef, or the Gateway provisioner, - in place of this field. This field will be removed in a future release. - type: string gatewayRef: description: |- - GatewayRef defines a specific Gateway that this Contour - instance corresponds to. If set, Contour will reconcile - only this gateway, and will not reconcile any gateway - classes. - Exactly one of ControllerName or GatewayRef must be set. + GatewayRef defines the specific Gateway that this Contour + instance corresponds to. properties: name: type: string @@ -640,6 +628,8 @@ spec: - name - namespace type: object + required: + - gatewayRef type: object globalExtAuth: description: |- @@ -1155,7 +1145,7 @@ spec: type: description: |- Defines the XDSServer to use for `contour serve`. - Values: `contour` (default), `envoy`. + Values: `envoy` (default), `contour (deprecated)`. Other values will produce an error. type: string type: object @@ -1374,7 +1364,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: contourdeployments.projectcontour.io spec: preserveUnknownFields: false @@ -1828,6 +1818,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -1837,6 +1829,21 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + If ReadOnly is false, this field has no meaning and must be unspecified. + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -1964,6 +1971,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic path: description: 'path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /' @@ -2092,6 +2100,7 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic name: description: |- Name of the referent. @@ -2176,8 +2185,8 @@ spec: properties: fieldRef: description: 'Required: Selects a field of the - pod: only annotations, labels, name and namespace - are supported.' + pod: only annotations, labels, name, namespace + and uid are supported.' properties: apiVersion: description: Version of the schema the FieldPath @@ -2236,6 +2245,7 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic type: object emptyDir: description: |- @@ -2327,6 +2337,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic dataSource: description: |- dataSource field can be used to specify either: @@ -2471,11 +2482,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2503,7 +2516,7 @@ spec: If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. type: string volumeMode: @@ -2547,6 +2560,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic wwids: description: |- wwids Optional: FC volume world wide identifiers (wwids) @@ -2554,6 +2568,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object flexVolume: description: |- @@ -2774,6 +2789,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic readOnly: description: |- readOnly here will force the ReadOnly setting in VolumeMounts. @@ -2958,11 +2974,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -3041,6 +3059,7 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic name: description: |- Name of the referent. @@ -3068,7 +3087,7 @@ spec: fieldRef: description: 'Required: Selects a field of the pod: only annotations, labels, - name and namespace are supported.' + name, namespace and uid are supported.' properties: apiVersion: description: Version of the schema @@ -3132,6 +3151,7 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic type: object secret: description: secret information about the secret @@ -3175,6 +3195,7 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic name: description: |- Name of the referent. @@ -3218,6 +3239,7 @@ spec: type: object type: object type: array + x-kubernetes-list-type: atomic type: object quobyte: description: quobyte represents a Quobyte mount on the host @@ -3288,6 +3310,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic pool: description: |- pool is the rados pool name. @@ -3443,6 +3466,7 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic optional: description: optional field specify whether the Secret or its keys must be defined @@ -4299,9 +4323,9 @@ spec: description: |- FeatureFlags defines toggle to enable new contour features. Available toggles are: - useEndpointSlices - configures contour to fetch endpoint data - from k8s endpoint slices. defaults to false and reading endpoint - data from the k8s endpoints. + useEndpointSlices - Configures contour to fetch endpoint data + from k8s endpoint slices. defaults to true, + If false then reads endpoint data from the k8s endpoints. items: type: string type: array @@ -4310,22 +4334,10 @@ spec: Gateway contains parameters for the gateway-api Gateway that Contour is configured to serve traffic. properties: - controllerName: - description: |- - ControllerName is used to determine whether Contour should reconcile a - GatewayClass. The string takes the form of "projectcontour.io//contour". - If unset, the gatewayclass controller will not be started. - Exactly one of ControllerName or GatewayRef must be set. - Deprecated: users should use GatewayRef, or the Gateway provisioner, - in place of this field. This field will be removed in a future release. - type: string gatewayRef: description: |- - GatewayRef defines a specific Gateway that this Contour - instance corresponds to. If set, Contour will reconcile - only this gateway, and will not reconcile any gateway - classes. - Exactly one of ControllerName or GatewayRef must be set. + GatewayRef defines the specific Gateway that this Contour + instance corresponds to. properties: name: type: string @@ -4335,6 +4347,8 @@ spec: - name - namespace type: object + required: + - gatewayRef type: object globalExtAuth: description: |- @@ -4852,7 +4866,7 @@ spec: type: description: |- Defines the XDSServer to use for `contour serve`. - Values: `contour` (default), `envoy`. + Values: `envoy` (default), `contour (deprecated)`. Other values will produce an error. type: string type: object @@ -4947,7 +4961,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: extensionservices.projectcontour.io spec: preserveUnknownFields: false @@ -5395,7 +5409,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: httpproxies.projectcontour.io spec: preserveUnknownFields: false @@ -8250,6 +8264,7 @@ spec: x-kubernetes-list-type: atomic type: object type: array + x-kubernetes-list-type: atomic type: object type: object required: @@ -8265,7 +8280,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 name: tlscertificatedelegations.projectcontour.io spec: preserveUnknownFields: false diff --git a/bitnami/contour/values.yaml b/bitnami/contour/values.yaml index 98addb2c46bc39..e95af6c761fb09 100644 --- a/bitnami/contour/values.yaml +++ b/bitnami/contour/values.yaml @@ -101,7 +101,7 @@ contour: image: registry: docker.io repository: bitnami/contour - tag: 1.28.4-debian-12-r2 + tag: 1.29.0-debian-12-r0 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -661,7 +661,7 @@ envoy: image: registry: docker.io repository: bitnami/envoy - tag: 1.29.4-debian-12-r5 + tag: 1.29.4-debian-12-r6 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1330,7 +1330,7 @@ defaultBackend: image: registry: docker.io repository: bitnami/nginx - tag: 1.26.0-debian-12-r0 + tag: 1.26.0-debian-12-r1 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/bitnami/deepspeed/Chart.lock b/bitnami/deepspeed/Chart.lock index 15e49228237e3f..2b81496db23b82 100644 --- a/bitnami/deepspeed/Chart.lock +++ b/bitnami/deepspeed/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.19.1 -digest: sha256:c883732817d9aaa3304f7b3109262aa338959de15b432dc5a2dbde13d2e136a5 -generated: "2024-04-05T20:22:40.574062588Z" + version: 2.19.2 +digest: sha256:e670e1075bfafffe040fae1158f1fa1f592585f394b48704ba137d2d083b1571 +generated: "2024-05-18T03:35:08.995174448Z" diff --git a/bitnami/deepspeed/Chart.yaml b/bitnami/deepspeed/Chart.yaml index 216588c61c9f05..7efee1d89b4aaa 100644 --- a/bitnami/deepspeed/Chart.yaml +++ b/bitnami/deepspeed/Chart.yaml @@ -6,11 +6,11 @@ annotations: licenses: Apache-2.0 images: | - name: deepspeed - image: docker.io/bitnami/deepspeed:0.14.2-debian-12-r0 + image: docker.io/bitnami/deepspeed:0.14.2-debian-12-r3 - name: git - image: docker.io/bitnami/git:2.44.0-debian-12-r3 + image: docker.io/bitnami/git:2.45.1-debian-12-r0 - name: os-shell - image: docker.io/bitnami/os-shell:12-debian-12-r19 + image: docker.io/bitnami/os-shell:12-debian-12-r21 apiVersion: v2 appVersion: 0.14.2 dependencies: @@ -35,4 +35,4 @@ name: deepspeed sources: - https://github.com/bitnami/charts/tree/main/bitnami/deepspeed - https://github.com/bitnami/charts/tree/main/bitnami/pytorch -version: 2.0.4 +version: 2.0.5 diff --git a/bitnami/deepspeed/values.yaml b/bitnami/deepspeed/values.yaml index 6e0fa54f53d1c5..9d5441623ff5ff 100644 --- a/bitnami/deepspeed/values.yaml +++ b/bitnami/deepspeed/values.yaml @@ -80,7 +80,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/deepspeed - tag: 0.14.2-debian-12-r0 + tag: 0.14.2-debian-12-r3 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1015,7 +1015,7 @@ worker: gitImage: registry: docker.io repository: bitnami/git - tag: 2.44.0-debian-12-r3 + tag: 2.45.1-debian-12-r0 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -1042,7 +1042,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/os-shell - tag: 12-debian-12-r19 + tag: 12-debian-12-r21 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/bitnami/discourse/Chart.lock b/bitnami/discourse/Chart.lock index d15394649e9cbb..48af76a480e597 100644 --- a/bitnami/discourse/Chart.lock +++ b/bitnami/discourse/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: redis repository: oci://registry-1.docker.io/bitnamicharts - version: 19.3.1 + version: 19.3.2 - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 15.3.1 + version: 15.3.2 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:8c26c39e0ddf939e2bd748aacac0766cb710b54fa1811cbd9e0b87a8508ebf84 -generated: "2024-05-14T04:52:19.188916028Z" +digest: sha256:9e5a14e24063540c292fe51c506f136316f4dcb0e3dacd86306f5ce7bc6c928f +generated: "2024-05-15T19:59:13.425804532Z" diff --git a/bitnami/discourse/Chart.yaml b/bitnami/discourse/Chart.yaml index da4c685e3f8763..0b40f90ce246f9 100644 --- a/bitnami/discourse/Chart.yaml +++ b/bitnami/discourse/Chart.yaml @@ -6,11 +6,11 @@ annotations: licenses: Apache-2.0 images: | - name: discourse - image: docker.io/bitnami/discourse:3.2.1-debian-12-r9 + image: docker.io/bitnami/discourse:3.2.2-debian-12-r0 - name: os-shell image: docker.io/bitnami/os-shell:12-debian-12-r21 apiVersion: v2 -appVersion: 3.2.1 +appVersion: 3.2.2 dependencies: - condition: redis.enabled name: redis @@ -41,4 +41,4 @@ maintainers: name: discourse sources: - https://github.com/bitnami/charts/tree/main/bitnami/discourse -version: 13.0.4 +version: 13.0.6 diff --git a/bitnami/discourse/values.yaml b/bitnami/discourse/values.yaml index bd8804abe46332..b04497bda0e255 100644 --- a/bitnami/discourse/values.yaml +++ b/bitnami/discourse/values.yaml @@ -79,7 +79,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/discourse - tag: 3.2.1-debian-12-r9 + tag: 3.2.2-debian-12-r0 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/bitnami/dokuwiki/Chart.yaml b/bitnami/dokuwiki/Chart.yaml index 48c272e48064bb..792819199ee4b9 100644 --- a/bitnami/dokuwiki/Chart.yaml +++ b/bitnami/dokuwiki/Chart.yaml @@ -35,4 +35,4 @@ maintainers: name: dokuwiki sources: - https://github.com/bitnami/charts/tree/main/bitnami/dokuwiki -version: 16.0.6 +version: 16.0.7 diff --git a/bitnami/drupal/Chart.lock b/bitnami/drupal/Chart.lock index 08e117b32141e0..1ff7840a3aec8d 100644 --- a/bitnami/drupal/Chart.lock +++ b/bitnami/drupal/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: mariadb repository: oci://registry-1.docker.io/bitnamicharts - version: 18.0.3 + version: 18.0.5 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:4528b6ec95332de31a435861d2e676c0267aaf44beefa2216f74d500bbd25ce8 -generated: "2024-05-13T20:27:12.613733681Z" +digest: sha256:c5470e186b8c675df045d2df334629fb8a47a53f87044bd4348c80105ca25eaf +generated: "2024-05-15T16:40:46.567361+02:00" diff --git a/bitnami/drupal/Chart.yaml b/bitnami/drupal/Chart.yaml index e35b2c3fcdbb0d..fb01cd63532554 100644 --- a/bitnami/drupal/Chart.yaml +++ b/bitnami/drupal/Chart.yaml @@ -40,4 +40,4 @@ maintainers: name: drupal sources: - https://github.com/bitnami/charts/tree/main/bitnami/drupal -version: 18.0.5 +version: 18.0.7 diff --git a/bitnami/drupal/README.md b/bitnami/drupal/README.md index 30ac9ad2e3ed00..07c9c7f4cde048 100644 --- a/bitnami/drupal/README.md +++ b/bitnami/drupal/README.md @@ -231,7 +231,6 @@ helm install my-release --set persistence.existingClaim=PVC_NAME oci://REGISTRY_ | `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | | `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | | `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.path` | Request path for livenessProbe | `/user/login` | | `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | | `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | | `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | diff --git a/bitnami/drupal/templates/deployment.yaml b/bitnami/drupal/templates/deployment.yaml index 57c5edb5cf38be..969d3e8fb85f80 100644 --- a/bitnami/drupal/templates/deployment.yaml +++ b/bitnami/drupal/templates/deployment.yaml @@ -284,8 +284,7 @@ spec: livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} {{- else if .Values.livenessProbe.enabled }} livenessProbe: - httpGet: - path: {{ .Values.livenessProbe.path }} + tcpSocket: port: http initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.livenessProbe.periodSeconds }} diff --git a/bitnami/drupal/values.yaml b/bitnami/drupal/values.yaml index c6b7500d38f3df..233319eb7f1986 100644 --- a/bitnami/drupal/values.yaml +++ b/bitnami/drupal/values.yaml @@ -378,13 +378,8 @@ startupProbe: failureThreshold: 5 successThreshold: 1 ## Configure extra options for liveness probe -## Drupal core exposes /user/login to unauthenticated requests, making it a good -## default liveness and readiness path. However, that may not always be the -## case. For example, if the image value is overridden to an image containing a -## module that alters that route, or an image that does not auto-install Drupal. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes ## @param livenessProbe.enabled Enable livenessProbe -## @param livenessProbe.path Request path for livenessProbe ## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe ## @param livenessProbe.periodSeconds Period seconds for livenessProbe ## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe @@ -393,7 +388,6 @@ startupProbe: ## livenessProbe: enabled: true - path: /user/login initialDelaySeconds: 600 periodSeconds: 10 timeoutSeconds: 5 @@ -401,7 +395,7 @@ livenessProbe: successThreshold: 1 ## Configure extra options for readiness probe ## Drupal core exposes /user/login to unauthenticated requests, making it a good -## default liveness and readiness path. However, that may not always be the +## default startup and readiness path. However, that may not always be the ## case. For example, if the image value is overridden to an image containing a ## module that alters that route, or an image that does not auto-install Drupal. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes diff --git a/bitnami/ejbca/Chart.lock b/bitnami/ejbca/Chart.lock index 91d53de621db63..ef5b470d101a3f 100644 --- a/bitnami/ejbca/Chart.lock +++ b/bitnami/ejbca/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: mariadb repository: oci://registry-1.docker.io/bitnamicharts - version: 18.0.3 + version: 18.0.6 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:8dbe835af2da2d5efb1400c5c4c2c81759431e428aaf7906e1c0115cbd621596 -generated: "2024-05-13T20:35:05.256708903Z" +digest: sha256:3f3226c5553937a79f883510ce5a521b86d401f22407c11e53f8bf8ff7096d80 +generated: "2024-05-20T09:01:37.771497+02:00" diff --git a/bitnami/ejbca/Chart.yaml b/bitnami/ejbca/Chart.yaml index 4a899aa93cd4fc..b03abbbad2543e 100644 --- a/bitnami/ejbca/Chart.yaml +++ b/bitnami/ejbca/Chart.yaml @@ -35,4 +35,4 @@ maintainers: name: ejbca sources: - https://github.com/bitnami/charts/tree/main/bitnami/ejbca -version: 14.0.3 +version: 14.0.5 diff --git a/bitnami/ejbca/templates/deployment.yaml b/bitnami/ejbca/templates/deployment.yaml index 118707dd2b620e..bb27cc875c9d85 100644 --- a/bitnami/ejbca/templates/deployment.yaml +++ b/bitnami/ejbca/templates/deployment.yaml @@ -207,8 +207,7 @@ spec: timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} successThreshold: {{ .Values.livenessProbe.successThreshold }} failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - httpGet: - path: /ejbca/doc + tcpSocket: port: http {{- end }} {{- if .Values.customReadinessProbe }} diff --git a/bitnami/elasticsearch/Chart.lock b/bitnami/elasticsearch/Chart.lock index 52800318e102f7..af32b4b56bde20 100644 --- a/bitnami/elasticsearch/Chart.lock +++ b/bitnami/elasticsearch/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: kibana repository: oci://registry-1.docker.io/bitnamicharts - version: 11.0.6 + version: 11.0.7 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:9baf670c5086213cf48594dc5fc500140d0b0f6cb9a99f6f13e5bab697385983 -generated: "2024-05-14T12:46:14.595728349Z" +digest: sha256:3d78350928d7f47d0caf231a9b166b34a47224f0c0b8a0e157c1432c7173da81 +generated: "2024-05-18T00:55:28.587402944Z" diff --git a/bitnami/elasticsearch/Chart.yaml b/bitnami/elasticsearch/Chart.yaml index 37934630abd622..176d95752b411a 100644 --- a/bitnami/elasticsearch/Chart.yaml +++ b/bitnami/elasticsearch/Chart.yaml @@ -8,7 +8,7 @@ annotations: - name: elasticsearch image: docker.io/bitnami/elasticsearch:8.13.4-debian-12-r0 - name: elasticsearch-exporter - image: docker.io/bitnami/elasticsearch-exporter:1.7.0-debian-12-r18 + image: docker.io/bitnami/elasticsearch-exporter:1.7.0-debian-12-r25 - name: os-shell image: docker.io/bitnami/os-shell:12-debian-12-r21 apiVersion: v2 @@ -34,4 +34,4 @@ maintainers: name: elasticsearch sources: - https://github.com/bitnami/charts/tree/main/bitnami/elasticsearch -version: 21.0.4 +version: 21.0.6 diff --git a/bitnami/elasticsearch/templates/coordinating/statefulset.yaml b/bitnami/elasticsearch/templates/coordinating/statefulset.yaml index d09910a87465b2..2875fa9cc38eaa 100644 --- a/bitnami/elasticsearch/templates/coordinating/statefulset.yaml +++ b/bitnami/elasticsearch/templates/coordinating/statefulset.yaml @@ -109,7 +109,7 @@ spec: image: {{ include "elasticsearch.image" . }} imagePullPolicy: {{ .Values.image.pullPolicy | quote }} {{- if .Values.coordinating.containerSecurityContext.enabled }} - securityContext: {{- omit .Values.coordinating.containerSecurityContext "enabled" | toYaml | nindent 12 }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.coordinating.containerSecurityContext "context" $) | nindent 12 }} {{- end }} {{- if .Values.coordinating.resources }} resources: {{- toYaml .Values.coordinating.resources | nindent 12 }} diff --git a/bitnami/elasticsearch/templates/data/statefulset.yaml b/bitnami/elasticsearch/templates/data/statefulset.yaml index 38ac9695526ce0..7dfd1b9e7d645c 100644 --- a/bitnami/elasticsearch/templates/data/statefulset.yaml +++ b/bitnami/elasticsearch/templates/data/statefulset.yaml @@ -134,7 +134,7 @@ spec: image: {{ include "elasticsearch.image" . }} imagePullPolicy: {{ .Values.image.pullPolicy | quote }} {{- if .Values.data.containerSecurityContext.enabled }} - securityContext: {{- omit .Values.data.containerSecurityContext "enabled" | toYaml | nindent 12 }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.data.containerSecurityContext "context" $) | nindent 12 }} {{- end }} {{- if .Values.data.resources }} resources: {{- toYaml .Values.data.resources | nindent 12 }} diff --git a/bitnami/elasticsearch/templates/ingest/statefulset.yaml b/bitnami/elasticsearch/templates/ingest/statefulset.yaml index 5ed96416893c1c..f749b2e726135c 100644 --- a/bitnami/elasticsearch/templates/ingest/statefulset.yaml +++ b/bitnami/elasticsearch/templates/ingest/statefulset.yaml @@ -109,7 +109,7 @@ spec: image: {{ include "elasticsearch.image" . }} imagePullPolicy: {{ .Values.image.pullPolicy | quote }} {{- if .Values.ingest.containerSecurityContext.enabled }} - securityContext: {{- omit .Values.ingest.containerSecurityContext "enabled" | toYaml | nindent 12 }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.ingest.containerSecurityContext "context" $) | nindent 12 }} {{- end }} {{- if .Values.ingest.resources }} resources: {{- toYaml .Values.ingest.resources | nindent 12 }} diff --git a/bitnami/elasticsearch/templates/master/statefulset.yaml b/bitnami/elasticsearch/templates/master/statefulset.yaml index a85467807f3ecf..1a4cc458c02d6c 100644 --- a/bitnami/elasticsearch/templates/master/statefulset.yaml +++ b/bitnami/elasticsearch/templates/master/statefulset.yaml @@ -131,7 +131,7 @@ spec: image: {{ include "elasticsearch.image" . }} imagePullPolicy: {{ .Values.image.pullPolicy | quote }} {{- if .Values.master.containerSecurityContext.enabled }} - securityContext: {{- omit .Values.master.containerSecurityContext "enabled" | toYaml | nindent 12 }} + securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.master.containerSecurityContext "context" $) | nindent 12 }} {{- end }} {{- if .Values.master.resources }} resources: {{- toYaml .Values.master.resources | nindent 12 }} diff --git a/bitnami/elasticsearch/values.yaml b/bitnami/elasticsearch/values.yaml index 7138dfab784dcb..4c19784f07abeb 100644 --- a/bitnami/elasticsearch/values.yaml +++ b/bitnami/elasticsearch/values.yaml @@ -2160,7 +2160,7 @@ metrics: image: registry: docker.io repository: bitnami/elasticsearch-exporter - tag: 1.7.0-debian-12-r18 + tag: 1.7.0-debian-12-r25 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/bitnami/etcd/Chart.yaml b/bitnami/etcd/Chart.yaml index 1577198e82cee2..45836edde90931 100644 --- a/bitnami/etcd/Chart.yaml +++ b/bitnami/etcd/Chart.yaml @@ -32,4 +32,4 @@ maintainers: name: etcd sources: - https://github.com/bitnami/charts/tree/main/bitnami/etcd -version: 10.0.9 +version: 10.0.11 diff --git a/bitnami/etcd/README.md b/bitnami/etcd/README.md index 78b0474daf7b4c..4e4685f96643d7 100644 --- a/bitnami/etcd/README.md +++ b/bitnami/etcd/README.md @@ -140,7 +140,7 @@ The etcd chart can be configured with Role-based access control and TLS encrypti In order to enable Role-Based Access Control for etcd, set the following parameters: ```text -auth.rbac.enabled=true +auth.rbac.create=true auth.rbac.rootPassword=ETCD_ROOT_PASSWORD ``` diff --git a/bitnami/etcd/templates/pdb.yaml b/bitnami/etcd/templates/pdb.yaml index edf61869a9e492..4dd23185c57fdd 100644 --- a/bitnami/etcd/templates/pdb.yaml +++ b/bitnami/etcd/templates/pdb.yaml @@ -3,8 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- $replicaCount := int .Values.replicaCount }} -{{- if and .Values.pdb.create (gt $replicaCount 1) }} +{{- if .Values.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: diff --git a/bitnami/etcd/templates/statefulset.yaml b/bitnami/etcd/templates/statefulset.yaml index c14fdc9934fa11..75003bacfac857 100644 --- a/bitnami/etcd/templates/statefulset.yaml +++ b/bitnami/etcd/templates/statefulset.yaml @@ -288,9 +288,9 @@ spec: livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} {{- else if .Values.livenessProbe.enabled }} livenessProbe: - exec: - command: - - /opt/bitnami/scripts/etcd/healthcheck.sh + httpGet: + port: {{ .Values.containerPorts.client }} + path: /health initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} diff --git a/bitnami/external-dns/Chart.yaml b/bitnami/external-dns/Chart.yaml index c8c0ef86089d11..1cc81ae5d33b53 100644 --- a/bitnami/external-dns/Chart.yaml +++ b/bitnami/external-dns/Chart.yaml @@ -6,9 +6,9 @@ annotations: licenses: Apache-2.0 images: | - name: external-dns - image: docker.io/bitnami/external-dns:0.14.1-debian-12-r8 + image: docker.io/bitnami/external-dns:0.14.2-debian-12-r0 apiVersion: v2 -appVersion: 0.14.1 +appVersion: 0.14.2 dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts @@ -28,4 +28,4 @@ maintainers: name: external-dns sources: - https://github.com/bitnami/charts/tree/main/bitnami/external-dns -version: 7.3.2 +version: 7.3.4 diff --git a/bitnami/external-dns/templates/crds/crd.yaml b/bitnami/external-dns/templates/crds/crd.yaml index 80e56822daf82e..8cc43d6bdc6adc 100644 --- a/bitnami/external-dns/templates/crds/crd.yaml +++ b/bitnami/external-dns/templates/crds/crd.yaml @@ -1,16 +1,13 @@ # Source: https://raw.githubusercontent.com/kubernetes-sigs/external-dns/v{version}/docs/contributing/crd-source/crd-manifest.yaml -# Version: 0.14.1 +# Version: 0.14.2 # Conditional: .Values.crd.create {{- if .Values.crd.create }} - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 - api-approved.kubernetes.io: "https://github.com/kubernetes-sigs/external-dns/pull/2007" - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: dnsendpoints.externaldns.k8s.io spec: group: externaldns.k8s.io @@ -26,10 +23,19 @@ spec: openAPIV3Schema: properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -38,7 +44,8 @@ spec: properties: endpoints: items: - description: Endpoint is a high-level way of a connection between a service and an IP + description: Endpoint is a high-level way of a connection between + a service and an IP properties: dnsName: description: The hostname of the DNS record @@ -51,7 +58,8 @@ spec: providerSpecific: description: ProviderSpecific stores provider specific config items: - description: ProviderSpecificProperty holds the name and value of a configuration which is specific to individual DNS providers + description: ProviderSpecificProperty holds the name and value + of a configuration which is specific to individual DNS providers properties: name: type: string @@ -64,10 +72,13 @@ spec: format: int64 type: integer recordType: - description: RecordType type of record, e.g. CNAME, A, SRV, TXT etc + description: RecordType type of record, e.g. CNAME, A, AAAA, + SRV, TXT etc type: string setIdentifier: - description: Identifier to distinguish multiple records with the same name and type (e.g. Route53 records with routing policies other than 'simple') + description: Identifier to distinguish multiple records with + the same name and type (e.g. Route53 records with routing + policies other than 'simple') type: string targets: description: The targets the DNS record points to @@ -90,10 +101,4 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] {{- end }} diff --git a/bitnami/external-dns/values.yaml b/bitnami/external-dns/values.yaml index ca4bccd4257af6..0f35caf380e509 100644 --- a/bitnami/external-dns/values.yaml +++ b/bitnami/external-dns/values.yaml @@ -73,7 +73,7 @@ useDaemonset: false image: registry: docker.io repository: bitnami/external-dns - tag: 0.14.1-debian-12-r8 + tag: 0.14.2-debian-12-r0 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/bitnami/flink/Chart.yaml b/bitnami/flink/Chart.yaml index 2c6ce5a17ca437..0bc3a763ac0a74 100644 --- a/bitnami/flink/Chart.yaml +++ b/bitnami/flink/Chart.yaml @@ -28,4 +28,4 @@ maintainers: name: flink sources: - https://github.com/bitnami/charts/tree/main/bitnami/flink -version: 1.1.2 +version: 1.1.3 diff --git a/bitnami/fluent-bit/Chart.yaml b/bitnami/fluent-bit/Chart.yaml index 03972a7d7a5691..4e8c03f5b2db02 100644 --- a/bitnami/fluent-bit/Chart.yaml +++ b/bitnami/fluent-bit/Chart.yaml @@ -28,4 +28,4 @@ maintainers: name: fluent-bit sources: - https://github.com/bitnami/charts/tree/main/bitnami/fluent-bit -version: 2.1.2 +version: 2.1.4 diff --git a/bitnami/fluent-bit/templates/daemonset.yaml b/bitnami/fluent-bit/templates/daemonset.yaml index cac583c58c25a6..bc438a95a60c0e 100644 --- a/bitnami/fluent-bit/templates/daemonset.yaml +++ b/bitnami/fluent-bit/templates/daemonset.yaml @@ -118,9 +118,8 @@ spec: livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} {{- else if .Values.livenessProbe.enabled }} livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.livenessProbe "enabled") "context" $) | nindent 12 }} - httpGet: + tcpSocket: port: http - path: /api/v1/health {{- end }} {{- if .Values.customReadinessProbe }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }} diff --git a/bitnami/fluent-bit/templates/deployment.yaml b/bitnami/fluent-bit/templates/deployment.yaml index fc3d4d4e455f51..9c366b6b4dfed5 100644 --- a/bitnami/fluent-bit/templates/deployment.yaml +++ b/bitnami/fluent-bit/templates/deployment.yaml @@ -117,9 +117,8 @@ spec: livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} {{- else if .Values.livenessProbe.enabled }} livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.livenessProbe "enabled") "context" $) | nindent 12 }} - httpGet: + tcpSocket: port: http - path: /api/v1/health {{- end }} {{- if .Values.customReadinessProbe }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }} diff --git a/bitnami/fluentd/Chart.yaml b/bitnami/fluentd/Chart.yaml index 998024b89c8032..439ebde02b3654 100644 --- a/bitnami/fluentd/Chart.yaml +++ b/bitnami/fluentd/Chart.yaml @@ -30,4 +30,4 @@ maintainers: name: fluentd sources: - https://github.com/bitnami/charts/tree/main/bitnami/fluentd -version: 6.2.2 +version: 6.2.3 diff --git a/bitnami/flux/Chart.yaml b/bitnami/flux/Chart.yaml index faed2326d478f4..7389d6ff8bb8c4 100644 --- a/bitnami/flux/Chart.yaml +++ b/bitnami/flux/Chart.yaml @@ -43,4 +43,4 @@ maintainers: name: flux sources: - https://github.com/bitnami/charts/tree/main/bitnami/flux -version: 2.1.3 +version: 2.1.4 diff --git a/bitnami/ghost/Chart.lock b/bitnami/ghost/Chart.lock index d12f5bfba06f48..d823434e60dcaa 100644 --- a/bitnami/ghost/Chart.lock +++ b/bitnami/ghost/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: mysql repository: oci://registry-1.docker.io/bitnamicharts - version: 10.2.2 + version: 10.2.4 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:41160df83dc17c80db563c344268b7dcc5c0e3d02c1cd44b1019724fd9c3a575 -generated: "2024-05-03T20:08:20.736560813Z" +digest: sha256:b74a4ce040396e03c4390a57774aaf9630a5136e3c86882fbc90d5f3d0c8a8b1 +generated: "2024-05-16T06:54:14.969415153Z" diff --git a/bitnami/ghost/Chart.yaml b/bitnami/ghost/Chart.yaml index 697545e996ddf1..6f729b5155260b 100644 --- a/bitnami/ghost/Chart.yaml +++ b/bitnami/ghost/Chart.yaml @@ -6,11 +6,11 @@ annotations: licenses: Apache-2.0 images: | - name: ghost - image: docker.io/bitnami/ghost:5.82.9-debian-12-r1 + image: docker.io/bitnami/ghost:5.82.11-debian-12-r0 - name: os-shell image: docker.io/bitnami/os-shell:12-debian-12-r21 apiVersion: v2 -appVersion: 5.82.9 +appVersion: 5.82.11 dependencies: - condition: mysql.enabled name: mysql @@ -40,4 +40,4 @@ maintainers: name: ghost sources: - https://github.com/bitnami/charts/tree/main/bitnami/ghost -version: 20.0.11 +version: 20.0.15 diff --git a/bitnami/ghost/templates/deployment.yaml b/bitnami/ghost/templates/deployment.yaml index 1be2aa91031b8e..7cd5ec58435f57 100644 --- a/bitnami/ghost/templates/deployment.yaml +++ b/bitnami/ghost/templates/deployment.yaml @@ -267,15 +267,8 @@ spec: livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} {{- else if .Values.livenessProbe.enabled }} livenessProbe: - httpGet: - path: / - port: {{ ternary "https" "http" .Values.ghostEnableHttps | quote }} - scheme: HTTP - {{- if .Values.ghostEnableHttps }} - httpHeaders: - - name: x-forwarded-proto - value: https - {{- end }} + tcpSocket: + port: {{ ternary .Values.containerPorts.https .Values.containerPorts.http .Values.ghostEnableHttps }} initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} diff --git a/bitnami/ghost/values.yaml b/bitnami/ghost/values.yaml index 0cfc0be1a2958e..f35e01aed6209a 100644 --- a/bitnami/ghost/values.yaml +++ b/bitnami/ghost/values.yaml @@ -79,7 +79,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/ghost - tag: 5.82.9-debian-12-r1 + tag: 5.82.11-debian-12-r0 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/bitnami/gitea/Chart.lock b/bitnami/gitea/Chart.lock index bdcb0c65c6b139..a07d7d2cf0990b 100644 --- a/bitnami/gitea/Chart.lock +++ b/bitnami/gitea/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 15.3.1 + version: 15.3.2 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:0a137267accf031c1dd6e0f4779956e4e1c02065ff182b6eeadd95f9c5873bc9 -generated: "2024-05-13T21:21:12.705823327Z" +digest: sha256:b3be00d62395c3cbec87e3ed0b505d68b48a969323d3e4bb14428dca34c75a52 +generated: "2024-05-18T01:03:17.144495516Z" diff --git a/bitnami/gitea/Chart.yaml b/bitnami/gitea/Chart.yaml index 91d3b62ac8a024..24f0202c149697 100644 --- a/bitnami/gitea/Chart.yaml +++ b/bitnami/gitea/Chart.yaml @@ -37,4 +37,4 @@ maintainers: name: gitea sources: - https://github.com/bitnami/charts/tree/main/bitnami/gitea -version: 2.1.0 +version: 2.1.1 diff --git a/bitnami/grafana-loki/Chart.lock b/bitnami/grafana-loki/Chart.lock index b49845fad26568..c210f78ff0d22b 100644 --- a/bitnami/grafana-loki/Chart.lock +++ b/bitnami/grafana-loki/Chart.lock @@ -1,18 +1,18 @@ dependencies: - name: memcached repository: oci://registry-1.docker.io/bitnamicharts - version: 7.0.5 + version: 7.0.6 - name: memcached repository: oci://registry-1.docker.io/bitnamicharts - version: 7.0.5 + version: 7.0.6 - name: memcached repository: oci://registry-1.docker.io/bitnamicharts - version: 7.0.5 + version: 7.0.6 - name: memcached repository: oci://registry-1.docker.io/bitnamicharts - version: 7.0.5 + version: 7.0.6 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:3459433f7b44cbd1b29b8982fb1235d7cb32735689921057e9c7eb5b5a305ade -generated: "2024-05-13T12:16:37.903494517Z" +digest: sha256:d81d7a693c9a3acc630a8011e91d367e976e6978f56a5366709e9a77d4e6c99a +generated: "2024-05-18T01:06:12.637318458Z" diff --git a/bitnami/grafana-loki/Chart.yaml b/bitnami/grafana-loki/Chart.yaml index 5b300fbfc5f28d..f6c77b74bfecbc 100644 --- a/bitnami/grafana-loki/Chart.yaml +++ b/bitnami/grafana-loki/Chart.yaml @@ -8,13 +8,13 @@ annotations: - name: grafana-loki image: docker.io/bitnami/grafana-loki:3.0.0-debian-12-r5 - name: memcached - image: docker.io/bitnami/memcached:1.6.27-debian-12-r1 + image: docker.io/bitnami/memcached:1.6.27-debian-12-r2 - name: nginx - image: docker.io/bitnami/nginx:1.26.0-debian-12-r0 + image: docker.io/bitnami/nginx:1.26.0-debian-12-r1 - name: os-shell image: docker.io/bitnami/os-shell:12-debian-12-r21 - name: promtail - image: docker.io/bitnami/promtail:3.0.0-debian-12-r4 + image: docker.io/bitnami/promtail:3.0.0-debian-12-r5 apiVersion: v2 appVersion: 3.0.0 dependencies: @@ -57,4 +57,4 @@ maintainers: name: grafana-loki sources: - https://github.com/bitnami/charts/tree/main/bitnami/grafana-loki -version: 4.0.3 +version: 4.1.1 diff --git a/bitnami/grafana-loki/README.md b/bitnami/grafana-loki/README.md index e52bf238ac7c22..cb88c4a802926f 100644 --- a/bitnami/grafana-loki/README.md +++ b/bitnami/grafana-loki/README.md @@ -294,27 +294,29 @@ The [Bitnami grafana-loki](https://github.com/bitnami/containers/tree/main/bitna ### Compactor Traffic Exposure Parameters -| Name | Description | Value | -| ------------------------------------------------- | ---------------------------------------------------------------- | ----------- | -| `compactor.service.type` | Compactor service type | `ClusterIP` | -| `compactor.service.ports.http` | Compactor HTTP service port | `3100` | -| `compactor.service.ports.grpc` | Compactor gRPC service port | `9095` | -| `compactor.service.nodePorts.http` | Node port for HTTP | `""` | -| `compactor.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `compactor.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `compactor.service.clusterIP` | Compactor service Cluster IP | `""` | -| `compactor.service.loadBalancerIP` | Compactor service Load Balancer IP | `""` | -| `compactor.service.loadBalancerSourceRanges` | Compactor service Load Balancer sources | `[]` | -| `compactor.service.externalTrafficPolicy` | Compactor service external traffic policy | `Cluster` | -| `compactor.service.annotations` | Additional custom annotations for Compactor service | `{}` | -| `compactor.service.extraPorts` | Extra ports to expose in the Compactor service | `[]` | -| `compactor.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `compactor.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `compactor.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `compactor.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `compactor.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `compactor.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `compactor.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| Name | Description | Value | +| ------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------- | ----------- | +| `compactor.service.type` | Compactor service type | `ClusterIP` | +| `compactor.service.ports.http` | Compactor HTTP service port | `3100` | +| `compactor.service.ports.grpc` | Compactor gRPC service port | `9095` | +| `compactor.service.nodePorts.http` | Node port for HTTP | `""` | +| `compactor.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `compactor.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `compactor.service.clusterIP` | Compactor service Cluster IP | `""` | +| `compactor.service.loadBalancerIP` | Compactor service Load Balancer IP | `""` | +| `compactor.service.loadBalancerSourceRanges` | Compactor service Load Balancer sources | `[]` | +| `compactor.service.externalTrafficPolicy` | Compactor service external traffic policy | `Cluster` | +| `compactor.service.annotations` | Additional custom annotations for Compactor service | `{}` | +| `compactor.service.extraPorts` | Extra ports to expose in the Compactor service | `[]` | +| `compactor.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `compactor.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `compactor.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `compactor.networkPolicy.addExternalClientAccess` | Allow access from pods with client label set to "true". Ignored if `compactor.networkPolicy.allowExternal` is true. | `true` | +| `compactor.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `compactor.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `compactor.networkPolicy.ingressPodMatchLabels` | Labels to match to allow traffic from other pods. Ignored if `compactor.networkPolicy.allowExternal` is true. | `{}` | +| `compactor.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces. Ignored if `compactor.networkPolicy.allowExternal` is true. | `{}` | +| `compactor.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces. Ignored if `compactor.networkPolicy.allowExternal` is true. | `{}` | ### Gateway Deployment Parameters @@ -419,10 +421,12 @@ The [Bitnami grafana-loki](https://github.com/bitnami/containers/tree/main/bitna | `gateway.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | | `gateway.networkPolicy.allowExternal` | Don't require server label for connections | `true` | | `gateway.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `gateway.networkPolicy.addExternalClientAccess` | Allow access from pods with client label set to "true". Ignored if `gateway.networkPolicy.allowExternal` is true. | `true` | | `gateway.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | | `gateway.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `gateway.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `gateway.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| `gateway.networkPolicy.ingressPodMatchLabels` | Labels to match to allow traffic from other pods. Ignored if `gateway.networkPolicy.allowExternal` is true. | `{}` | +| `gateway.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces. Ignored if `gateway.networkPolicy.allowExternal` is true. | `{}` | +| `gateway.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces. Ignored if `gateway.networkPolicy.allowExternal` is true. | `{}` | | `gateway.ingress.enabled` | Enable ingress record generation for Loki Gateway | `false` | | `gateway.ingress.pathType` | Ingress path type | `ImplementationSpecific` | | `gateway.ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` | @@ -525,28 +529,30 @@ The [Bitnami grafana-loki](https://github.com/bitnami/containers/tree/main/bitna ### index-gateway Traffic Exposure Parameters -| Name | Description | Value | -| ---------------------------------------------------- | ---------------------------------------------------------------- | ----------- | -| `indexGateway.service.type` | index-gateway service type | `ClusterIP` | -| `indexGateway.service.ports.http` | index-gateway HTTP service port | `3100` | -| `indexGateway.service.ports.grpc` | index-gateway GRPC service port | `9095` | -| `indexGateway.service.nodePorts.http` | Node port for HTTP | `""` | -| `indexGateway.service.nodePorts.grpc` | Node port for GRPC | `""` | -| `indexGateway.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `indexGateway.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `indexGateway.service.clusterIP` | index-gateway service Cluster IP | `""` | -| `indexGateway.service.loadBalancerIP` | index-gateway service Load Balancer IP | `""` | -| `indexGateway.service.loadBalancerSourceRanges` | index-gateway service Load Balancer sources | `[]` | -| `indexGateway.service.externalTrafficPolicy` | index-gateway service external traffic policy | `Cluster` | -| `indexGateway.service.annotations` | Additional custom annotations for index-gateway service | `{}` | -| `indexGateway.service.extraPorts` | Extra ports to expose in the index-gateway service | `[]` | -| `indexGateway.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `indexGateway.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `indexGateway.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `indexGateway.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `indexGateway.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `indexGateway.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `indexGateway.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| Name | Description | Value | +| ---------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------- | ----------- | +| `indexGateway.service.type` | index-gateway service type | `ClusterIP` | +| `indexGateway.service.ports.http` | index-gateway HTTP service port | `3100` | +| `indexGateway.service.ports.grpc` | index-gateway GRPC service port | `9095` | +| `indexGateway.service.nodePorts.http` | Node port for HTTP | `""` | +| `indexGateway.service.nodePorts.grpc` | Node port for GRPC | `""` | +| `indexGateway.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `indexGateway.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `indexGateway.service.clusterIP` | index-gateway service Cluster IP | `""` | +| `indexGateway.service.loadBalancerIP` | index-gateway service Load Balancer IP | `""` | +| `indexGateway.service.loadBalancerSourceRanges` | index-gateway service Load Balancer sources | `[]` | +| `indexGateway.service.externalTrafficPolicy` | index-gateway service external traffic policy | `Cluster` | +| `indexGateway.service.annotations` | Additional custom annotations for index-gateway service | `{}` | +| `indexGateway.service.extraPorts` | Extra ports to expose in the index-gateway service | `[]` | +| `indexGateway.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `indexGateway.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `indexGateway.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `indexGateway.networkPolicy.addExternalClientAccess` | Allow access from pods with client label set to "true". Ignored if `indexGateway.networkPolicy.allowExternal` is true. | `true` | +| `indexGateway.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `indexGateway.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `indexGateway.networkPolicy.ingressPodMatchLabels` | Labels to match to allow traffic from other pods. Ignored if `indexGateway.networkPolicy.allowExternal` is true. | `{}` | +| `indexGateway.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces. Ignored if `indexGateway.networkPolicy.allowExternal` is true. | `{}` | +| `indexGateway.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces. Ignored if `indexGateway.networkPolicy.allowExternal` is true. | `{}` | ### Distributor Deployment Parameters @@ -622,28 +628,30 @@ The [Bitnami grafana-loki](https://github.com/bitnami/containers/tree/main/bitna ### Distributor Traffic Exposure Parameters -| Name | Description | Value | -| --------------------------------------------------- | ---------------------------------------------------------------- | ----------- | -| `distributor.service.type` | Distributor service type | `ClusterIP` | -| `distributor.service.ports.http` | Distributor HTTP service port | `3100` | -| `distributor.service.ports.grpc` | Distributor GRPC service port | `9095` | -| `distributor.service.nodePorts.http` | Node port for HTTP | `""` | -| `distributor.service.nodePorts.grpc` | Node port for GRPC | `""` | -| `distributor.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `distributor.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `distributor.service.clusterIP` | Distributor service Cluster IP | `""` | -| `distributor.service.loadBalancerIP` | Distributor service Load Balancer IP | `""` | -| `distributor.service.loadBalancerSourceRanges` | Distributor service Load Balancer sources | `[]` | -| `distributor.service.externalTrafficPolicy` | Distributor service external traffic policy | `Cluster` | -| `distributor.service.annotations` | Additional custom annotations for Distributor service | `{}` | -| `distributor.service.extraPorts` | Extra ports to expose in the Distributor service | `[]` | -| `distributor.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `distributor.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `distributor.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `distributor.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `distributor.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `distributor.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `distributor.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| Name | Description | Value | +| --------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | ----------- | +| `distributor.service.type` | Distributor service type | `ClusterIP` | +| `distributor.service.ports.http` | Distributor HTTP service port | `3100` | +| `distributor.service.ports.grpc` | Distributor GRPC service port | `9095` | +| `distributor.service.nodePorts.http` | Node port for HTTP | `""` | +| `distributor.service.nodePorts.grpc` | Node port for GRPC | `""` | +| `distributor.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `distributor.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `distributor.service.clusterIP` | Distributor service Cluster IP | `""` | +| `distributor.service.loadBalancerIP` | Distributor service Load Balancer IP | `""` | +| `distributor.service.loadBalancerSourceRanges` | Distributor service Load Balancer sources | `[]` | +| `distributor.service.externalTrafficPolicy` | Distributor service external traffic policy | `Cluster` | +| `distributor.service.annotations` | Additional custom annotations for Distributor service | `{}` | +| `distributor.service.extraPorts` | Extra ports to expose in the Distributor service | `[]` | +| `distributor.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `distributor.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `distributor.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `distributor.networkPolicy.addExternalClientAccess` | Allow access from pods with client label set to "true". Ignored if `distributor.networkPolicy.allowExternal` is true. | `true` | +| `distributor.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `distributor.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `distributor.networkPolicy.ingressPodMatchLabels` | Labels to match to allow traffic from other pods. Ignored if `distributor.networkPolicy.allowExternal` is true. | `{}` | +| `distributor.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces. Ignored if `distributor.networkPolicy.allowExternal` is true. | `{}` | +| `distributor.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces. Ignored if `distributor.networkPolicy.allowExternal` is true. | `{}` | ### Ingester Deployment Parameters @@ -732,28 +740,30 @@ The [Bitnami grafana-loki](https://github.com/bitnami/containers/tree/main/bitna ### Ingester Traffic Exposure Parameters -| Name | Description | Value | -| ------------------------------------------------ | ---------------------------------------------------------------- | ----------- | -| `ingester.service.type` | Ingester service type | `ClusterIP` | -| `ingester.service.ports.http` | Ingester HTTP service port | `3100` | -| `ingester.service.ports.grpc` | Ingester GRPC service port | `9095` | -| `ingester.service.nodePorts.http` | Node port for HTTP | `""` | -| `ingester.service.nodePorts.grpc` | Node port for GRPC | `""` | -| `ingester.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `ingester.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `ingester.service.clusterIP` | Ingester service Cluster IP | `""` | -| `ingester.service.loadBalancerIP` | Ingester service Load Balancer IP | `""` | -| `ingester.service.loadBalancerSourceRanges` | Ingester service Load Balancer sources | `[]` | -| `ingester.service.externalTrafficPolicy` | Ingester service external traffic policy | `Cluster` | -| `ingester.service.annotations` | Additional custom annotations for Ingester service | `{}` | -| `ingester.service.extraPorts` | Extra ports to expose in the Ingester service | `[]` | -| `ingester.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `ingester.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `ingester.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `ingester.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `ingester.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `ingester.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `ingester.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| Name | Description | Value | +| ------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------- | ----------- | +| `ingester.service.type` | Ingester service type | `ClusterIP` | +| `ingester.service.ports.http` | Ingester HTTP service port | `3100` | +| `ingester.service.ports.grpc` | Ingester GRPC service port | `9095` | +| `ingester.service.nodePorts.http` | Node port for HTTP | `""` | +| `ingester.service.nodePorts.grpc` | Node port for GRPC | `""` | +| `ingester.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `ingester.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `ingester.service.clusterIP` | Ingester service Cluster IP | `""` | +| `ingester.service.loadBalancerIP` | Ingester service Load Balancer IP | `""` | +| `ingester.service.loadBalancerSourceRanges` | Ingester service Load Balancer sources | `[]` | +| `ingester.service.externalTrafficPolicy` | Ingester service external traffic policy | `Cluster` | +| `ingester.service.annotations` | Additional custom annotations for Ingester service | `{}` | +| `ingester.service.extraPorts` | Extra ports to expose in the Ingester service | `[]` | +| `ingester.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `ingester.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `ingester.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `ingester.networkPolicy.addExternalClientAccess` | Allow access from pods with client label set to "true". Ignored if `ingester.networkPolicy.allowExternal` is true. | `true` | +| `ingester.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `ingester.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `ingester.networkPolicy.ingressPodMatchLabels` | Labels to match to allow traffic from other pods. Ignored if `ingester.networkPolicy.allowExternal` is true. | `{}` | +| `ingester.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces. Ignored if `ingester.networkPolicy.allowExternal` is true. | `{}` | +| `ingester.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces. Ignored if `ingester.networkPolicy.allowExternal` is true. | `{}` | ### Querier Deployment Parameters @@ -842,28 +852,30 @@ The [Bitnami grafana-loki](https://github.com/bitnami/containers/tree/main/bitna ### Querier Traffic Exposure Parameters -| Name | Description | Value | -| ----------------------------------------------- | ---------------------------------------------------------------- | ----------- | -| `querier.service.type` | Querier service type | `ClusterIP` | -| `querier.service.ports.http` | Querier HTTP service port | `3100` | -| `querier.service.ports.grpc` | Querier GRPC service port | `9095` | -| `querier.service.nodePorts.http` | Node port for HTTP | `""` | -| `querier.service.nodePorts.grpc` | Node port for GRPC | `""` | -| `querier.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `querier.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `querier.service.clusterIP` | Querier service Cluster IP | `""` | -| `querier.service.loadBalancerIP` | Querier service Load Balancer IP | `""` | -| `querier.service.loadBalancerSourceRanges` | Querier service Load Balancer sources | `[]` | -| `querier.service.externalTrafficPolicy` | Querier service external traffic policy | `Cluster` | -| `querier.service.annotations` | Additional custom annotations for Querier service | `{}` | -| `querier.service.extraPorts` | Extra ports to expose in the Querier service | `[]` | -| `querier.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `querier.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `querier.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `querier.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `querier.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `querier.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `querier.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| Name | Description | Value | +| ----------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ----------- | +| `querier.service.type` | Querier service type | `ClusterIP` | +| `querier.service.ports.http` | Querier HTTP service port | `3100` | +| `querier.service.ports.grpc` | Querier GRPC service port | `9095` | +| `querier.service.nodePorts.http` | Node port for HTTP | `""` | +| `querier.service.nodePorts.grpc` | Node port for GRPC | `""` | +| `querier.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `querier.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `querier.service.clusterIP` | Querier service Cluster IP | `""` | +| `querier.service.loadBalancerIP` | Querier service Load Balancer IP | `""` | +| `querier.service.loadBalancerSourceRanges` | Querier service Load Balancer sources | `[]` | +| `querier.service.externalTrafficPolicy` | Querier service external traffic policy | `Cluster` | +| `querier.service.annotations` | Additional custom annotations for Querier service | `{}` | +| `querier.service.extraPorts` | Extra ports to expose in the Querier service | `[]` | +| `querier.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `querier.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `querier.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `querier.networkPolicy.addExternalClientAccess` | Allow access from pods with client label set to "true". Ignored if `querier.networkPolicy.allowExternal` is true. | `true` | +| `querier.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `querier.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `querier.networkPolicy.ingressPodMatchLabels` | Labels to match to allow traffic from other pods. Ignored if `querier.networkPolicy.allowExternal` is true. | `{}` | +| `querier.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces. Ignored if `querier.networkPolicy.allowExternal` is true. | `{}` | +| `querier.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces. Ignored if `querier.networkPolicy.allowExternal` is true. | `{}` | ### Query Frontend Deployment Parameters @@ -939,29 +951,31 @@ The [Bitnami grafana-loki](https://github.com/bitnami/containers/tree/main/bitna ### Query Frontend Traffic Exposure Parameters -| Name | Description | Value | -| ----------------------------------------------------- | ---------------------------------------------------------------- | ----------- | -| `queryFrontend.service.type` | queryFrontend service type | `ClusterIP` | -| `queryFrontend.service.ports.http` | queryFrontend HTTP service port | `3100` | -| `queryFrontend.service.ports.grpc` | queryFrontend GRPC service port | `9095` | -| `queryFrontend.service.nodePorts.http` | Node port for HTTP | `""` | -| `queryFrontend.service.nodePorts.grpc` | Node port for GRPC | `""` | -| `queryFrontend.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `queryFrontend.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `queryFrontend.service.clusterIP` | queryFrontend service Cluster IP | `""` | -| `queryFrontend.service.loadBalancerIP` | queryFrontend service Load Balancer IP | `""` | -| `queryFrontend.service.loadBalancerSourceRanges` | queryFrontend service Load Balancer sources | `[]` | -| `queryFrontend.service.externalTrafficPolicy` | queryFrontend service external traffic policy | `Cluster` | -| `queryFrontend.service.annotations` | Additional custom annotations for queryFrontend service | `{}` | -| `queryFrontend.service.extraPorts` | Extra ports to expose in the queryFrontend service | `[]` | -| `queryFrontend.service.headless.annotations` | Annotations for the headless service. | `{}` | -| `queryFrontend.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `queryFrontend.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `queryFrontend.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `queryFrontend.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `queryFrontend.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `queryFrontend.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `queryFrontend.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| Name | Description | Value | +| ----------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------- | ----------- | +| `queryFrontend.service.type` | queryFrontend service type | `ClusterIP` | +| `queryFrontend.service.ports.http` | queryFrontend HTTP service port | `3100` | +| `queryFrontend.service.ports.grpc` | queryFrontend GRPC service port | `9095` | +| `queryFrontend.service.nodePorts.http` | Node port for HTTP | `""` | +| `queryFrontend.service.nodePorts.grpc` | Node port for GRPC | `""` | +| `queryFrontend.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `queryFrontend.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `queryFrontend.service.clusterIP` | queryFrontend service Cluster IP | `""` | +| `queryFrontend.service.loadBalancerIP` | queryFrontend service Load Balancer IP | `""` | +| `queryFrontend.service.loadBalancerSourceRanges` | queryFrontend service Load Balancer sources | `[]` | +| `queryFrontend.service.externalTrafficPolicy` | queryFrontend service external traffic policy | `Cluster` | +| `queryFrontend.service.annotations` | Additional custom annotations for queryFrontend service | `{}` | +| `queryFrontend.service.extraPorts` | Extra ports to expose in the queryFrontend service | `[]` | +| `queryFrontend.service.headless.annotations` | Annotations for the headless service. | `{}` | +| `queryFrontend.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `queryFrontend.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `queryFrontend.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `queryFrontend.networkPolicy.addExternalClientAccess` | Allow access from pods with client label set to "true". Ignored if `queryFrontend.networkPolicy.allowExternal` is true. | `true` | +| `queryFrontend.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `queryFrontend.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `queryFrontend.networkPolicy.ingressPodMatchLabels` | Labels to match to allow traffic from other pods. Ignored if `queryFrontend.networkPolicy.allowExternal` is true. | `{}` | +| `queryFrontend.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces. Ignored if `queryFrontend.networkPolicy.allowExternal` is true. | `{}` | +| `queryFrontend.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces. Ignored if `queryFrontend.networkPolicy.allowExternal` is true. | `{}` | ### Query Scheduler Deployment Parameters @@ -1038,28 +1052,30 @@ The [Bitnami grafana-loki](https://github.com/bitnami/containers/tree/main/bitna ### Query Scheduler Traffic Exposure Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ---------------------------------------------------------------- | ----------- | -| `queryScheduler.service.type` | queryScheduler service type | `ClusterIP` | -| `queryScheduler.service.ports.http` | queryScheduler HTTP service port | `3100` | -| `queryScheduler.service.ports.grpc` | queryScheduler GRPC service port | `9095` | -| `queryScheduler.service.nodePorts.http` | Node port for HTTP | `""` | -| `queryScheduler.service.nodePorts.grpc` | Node port for GRPC | `""` | -| `queryScheduler.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `queryScheduler.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `queryScheduler.service.clusterIP` | queryScheduler service Cluster IP | `""` | -| `queryScheduler.service.loadBalancerIP` | queryScheduler service Load Balancer IP | `""` | -| `queryScheduler.service.loadBalancerSourceRanges` | queryScheduler service Load Balancer sources | `[]` | -| `queryScheduler.service.externalTrafficPolicy` | queryScheduler service external traffic policy | `Cluster` | -| `queryScheduler.service.annotations` | Additional custom annotations for queryScheduler service | `{}` | -| `queryScheduler.service.extraPorts` | Extra ports to expose in the queryScheduler service | `[]` | -| `queryScheduler.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `queryScheduler.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `queryScheduler.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `queryScheduler.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `queryScheduler.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `queryScheduler.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `queryScheduler.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| Name | Description | Value | +| ------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------- | ----------- | +| `queryScheduler.service.type` | queryScheduler service type | `ClusterIP` | +| `queryScheduler.service.ports.http` | queryScheduler HTTP service port | `3100` | +| `queryScheduler.service.ports.grpc` | queryScheduler GRPC service port | `9095` | +| `queryScheduler.service.nodePorts.http` | Node port for HTTP | `""` | +| `queryScheduler.service.nodePorts.grpc` | Node port for GRPC | `""` | +| `queryScheduler.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `queryScheduler.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `queryScheduler.service.clusterIP` | queryScheduler service Cluster IP | `""` | +| `queryScheduler.service.loadBalancerIP` | queryScheduler service Load Balancer IP | `""` | +| `queryScheduler.service.loadBalancerSourceRanges` | queryScheduler service Load Balancer sources | `[]` | +| `queryScheduler.service.externalTrafficPolicy` | queryScheduler service external traffic policy | `Cluster` | +| `queryScheduler.service.annotations` | Additional custom annotations for queryScheduler service | `{}` | +| `queryScheduler.service.extraPorts` | Extra ports to expose in the queryScheduler service | `[]` | +| `queryScheduler.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `queryScheduler.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `queryScheduler.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `queryScheduler.networkPolicy.addExternalClientAccess` | Allow access from pods with client label set to "true". Ignored if `queryScheduler.networkPolicy.allowExternal` is true. | `true` | +| `queryScheduler.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `queryScheduler.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `queryScheduler.networkPolicy.ingressPodMatchLabels` | Labels to match to allow traffic from other pods. Ignored if `queryScheduler.networkPolicy.allowExternal` is true. | `{}` | +| `queryScheduler.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces. Ignored if `queryScheduler.networkPolicy.allowExternal` is true. | `{}` | +| `queryScheduler.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces. Ignored if `queryScheduler.networkPolicy.allowExternal` is true. | `{}` | ### Ruler Deployment Parameters @@ -1149,28 +1165,30 @@ The [Bitnami grafana-loki](https://github.com/bitnami/containers/tree/main/bitna ### Ruler Traffic Exposure Parameters -| Name | Description | Value | -| --------------------------------------------- | ---------------------------------------------------------------- | ----------- | -| `ruler.service.type` | Ruler service type | `ClusterIP` | -| `ruler.service.ports.http` | Ruler HTTP service port | `3100` | -| `ruler.service.ports.grpc` | Ruler GRPC service port | `9095` | -| `ruler.service.nodePorts.http` | Node port for HTTP | `""` | -| `ruler.service.nodePorts.grpc` | Node port for GRPC | `""` | -| `ruler.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `ruler.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `ruler.service.clusterIP` | Ruler service Cluster IP | `""` | -| `ruler.service.loadBalancerIP` | Ruler service Load Balancer IP | `""` | -| `ruler.service.loadBalancerSourceRanges` | Ruler service Load Balancer sources | `[]` | -| `ruler.service.externalTrafficPolicy` | Ruler service external traffic policy | `Cluster` | -| `ruler.service.annotations` | Additional custom annotations for Ruler service | `{}` | -| `ruler.service.extraPorts` | Extra ports to expose in the Ruler service | `[]` | -| `ruler.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `ruler.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `ruler.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `ruler.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `ruler.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `ruler.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `ruler.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| Name | Description | Value | +| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | ----------- | +| `ruler.service.type` | Ruler service type | `ClusterIP` | +| `ruler.service.ports.http` | Ruler HTTP service port | `3100` | +| `ruler.service.ports.grpc` | Ruler GRPC service port | `9095` | +| `ruler.service.nodePorts.http` | Node port for HTTP | `""` | +| `ruler.service.nodePorts.grpc` | Node port for GRPC | `""` | +| `ruler.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `ruler.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `ruler.service.clusterIP` | Ruler service Cluster IP | `""` | +| `ruler.service.loadBalancerIP` | Ruler service Load Balancer IP | `""` | +| `ruler.service.loadBalancerSourceRanges` | Ruler service Load Balancer sources | `[]` | +| `ruler.service.externalTrafficPolicy` | Ruler service external traffic policy | `Cluster` | +| `ruler.service.annotations` | Additional custom annotations for Ruler service | `{}` | +| `ruler.service.extraPorts` | Extra ports to expose in the Ruler service | `[]` | +| `ruler.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `ruler.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `ruler.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `ruler.networkPolicy.addExternalClientAccess` | Allow access from pods with client label set to "true". Ignored if `ruler.networkPolicy.allowExternal` is true. | `true` | +| `ruler.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `ruler.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `ruler.networkPolicy.ingressPodMatchLabels` | Labels to match to allow traffic from other pods. Ignored if `ruler.networkPolicy.allowExternal` is true. | `{}` | +| `ruler.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces. Ignored if `ruler.networkPolicy.allowExternal` is true. | `{}` | +| `ruler.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces. Ignored if `ruler.networkPolicy.allowExternal` is true. | `{}` | ### table-manager Deployment Parameters @@ -1247,28 +1265,30 @@ The [Bitnami grafana-loki](https://github.com/bitnami/containers/tree/main/bitna ### table-manager Traffic Exposure Parameters -| Name | Description | Value | -| ---------------------------------------------------- | ---------------------------------------------------------------- | ----------- | -| `tableManager.service.type` | table-manager service type | `ClusterIP` | -| `tableManager.service.ports.http` | table-manager HTTP service port | `3100` | -| `tableManager.service.ports.grpc` | table-manager GRPC service port | `9095` | -| `tableManager.service.nodePorts.http` | Node port for HTTP | `""` | -| `tableManager.service.nodePorts.grpc` | Node port for GRPC | `""` | -| `tableManager.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `tableManager.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `tableManager.service.clusterIP` | table-manager service Cluster IP | `""` | -| `tableManager.service.loadBalancerIP` | table-manager service Load Balancer IP | `""` | -| `tableManager.service.loadBalancerSourceRanges` | table-manager service Load Balancer sources | `[]` | -| `tableManager.service.externalTrafficPolicy` | table-manager service external traffic policy | `Cluster` | -| `tableManager.service.annotations` | Additional custom annotations for table-manager service | `{}` | -| `tableManager.service.extraPorts` | Extra ports to expose in the table-manager service | `[]` | -| `tableManager.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `tableManager.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `tableManager.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `tableManager.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `tableManager.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `tableManager.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `tableManager.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| Name | Description | Value | +| ---------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------- | ----------- | +| `tableManager.service.type` | table-manager service type | `ClusterIP` | +| `tableManager.service.ports.http` | table-manager HTTP service port | `3100` | +| `tableManager.service.ports.grpc` | table-manager GRPC service port | `9095` | +| `tableManager.service.nodePorts.http` | Node port for HTTP | `""` | +| `tableManager.service.nodePorts.grpc` | Node port for GRPC | `""` | +| `tableManager.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `tableManager.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `tableManager.service.clusterIP` | table-manager service Cluster IP | `""` | +| `tableManager.service.loadBalancerIP` | table-manager service Load Balancer IP | `""` | +| `tableManager.service.loadBalancerSourceRanges` | table-manager service Load Balancer sources | `[]` | +| `tableManager.service.externalTrafficPolicy` | table-manager service external traffic policy | `Cluster` | +| `tableManager.service.annotations` | Additional custom annotations for table-manager service | `{}` | +| `tableManager.service.extraPorts` | Extra ports to expose in the table-manager service | `[]` | +| `tableManager.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `tableManager.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `tableManager.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `tableManager.networkPolicy.addExternalClientAccess` | Allow access from pods with client label set to "true". Ignored if `tableManager.networkPolicy.allowExternal` is true. | `true` | +| `tableManager.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `tableManager.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `tableManager.networkPolicy.ingressPodMatchLabels` | Labels to match to allow traffic from other pods. Ignored if `tableManager.networkPolicy.allowExternal` is true. | `{}` | +| `tableManager.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces. Ignored if `tableManager.networkPolicy.allowExternal` is true. | `{}` | +| `tableManager.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces. Ignored if `tableManager.networkPolicy.allowExternal` is true. | `{}` | ### Promtail Deployment Parameters @@ -1354,33 +1374,35 @@ The [Bitnami grafana-loki](https://github.com/bitnami/containers/tree/main/bitna ### Promtail Traffic Exposure Parameters -| Name | Description | Value | -| ------------------------------------------------------ | -------------------------------------------------------------------------------------------------- | ----------- | -| `promtail.service.type` | Promtail service type | `ClusterIP` | -| `promtail.service.ports.http` | Promtail HTTP service port | `3100` | -| `promtail.service.ports.grpc` | Promtail gRPC service port | `9095` | -| `promtail.service.nodePorts.http` | Node port for HTTP | `""` | -| `promtail.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `promtail.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `promtail.service.clusterIP` | Promtail service Cluster IP | `""` | -| `promtail.service.loadBalancerIP` | Promtail service Load Balancer IP | `""` | -| `promtail.service.loadBalancerSourceRanges` | Promtail service Load Balancer sources | `[]` | -| `promtail.service.externalTrafficPolicy` | Promtail service external traffic policy | `Cluster` | -| `promtail.service.annotations` | Additional custom annotations for Promtail service | `{}` | -| `promtail.service.extraPorts` | Extra ports to expose in the Promtail service | `[]` | -| `promtail.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `promtail.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `promtail.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `promtail.networkPolicy.kubeAPIServerPorts` | List of possible endpoints to kube-apiserver (limit to your cluster settings to increase security) | `[]` | -| `promtail.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `promtail.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `promtail.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `promtail.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | -| `promtail.rbac.create` | Create RBAC rules | `true` | -| `promtail.serviceAccount.create` | Enable creation of ServiceAccount for Promtail pods | `true` | -| `promtail.serviceAccount.name` | The name of the ServiceAccount to use | `""` | -| `promtail.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the promtail.serviceAccount.created | `false` | -| `promtail.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | +| Name | Description | Value | +| ------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------- | ----------- | +| `promtail.service.type` | Promtail service type | `ClusterIP` | +| `promtail.service.ports.http` | Promtail HTTP service port | `3100` | +| `promtail.service.ports.grpc` | Promtail gRPC service port | `9095` | +| `promtail.service.nodePorts.http` | Node port for HTTP | `""` | +| `promtail.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `promtail.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `promtail.service.clusterIP` | Promtail service Cluster IP | `""` | +| `promtail.service.loadBalancerIP` | Promtail service Load Balancer IP | `""` | +| `promtail.service.loadBalancerSourceRanges` | Promtail service Load Balancer sources | `[]` | +| `promtail.service.externalTrafficPolicy` | Promtail service external traffic policy | `Cluster` | +| `promtail.service.annotations` | Additional custom annotations for Promtail service | `{}` | +| `promtail.service.extraPorts` | Extra ports to expose in the Promtail service | `[]` | +| `promtail.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `promtail.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `promtail.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `promtail.networkPolicy.addExternalClientAccess` | Allow access from pods with client label set to "true". Ignored if `promtail.networkPolicy.allowExternal` is true. | `true` | +| `promtail.networkPolicy.kubeAPIServerPorts` | List of possible endpoints to kube-apiserver (limit to your cluster settings to increase security) | `[]` | +| `promtail.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `promtail.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `promtail.networkPolicy.ingressPodMatchLabels` | Labels to match to allow traffic from other pods. Ignored if `promtail.networkPolicy.allowExternal` is true. | `{}` | +| `promtail.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces. Ignored if `promtail.networkPolicy.allowExternal` is true. | `{}` | +| `promtail.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces. Ignored if `promtail.networkPolicy.allowExternal` is true. | `{}` | +| `promtail.rbac.create` | Create RBAC rules | `true` | +| `promtail.serviceAccount.create` | Enable creation of ServiceAccount for Promtail pods | `true` | +| `promtail.serviceAccount.name` | The name of the ServiceAccount to use | `""` | +| `promtail.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the promtail.serviceAccount.created | `false` | +| `promtail.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | ### Init Container Parameters diff --git a/bitnami/grafana-loki/templates/compactor/networkpolicy.yaml b/bitnami/grafana-loki/templates/compactor/networkpolicy.yaml index 6b506ce554f6cd..766a178dc6bd8e 100644 --- a/bitnami/grafana-loki/templates/compactor/networkpolicy.yaml +++ b/bitnami/grafana-loki/templates/compactor/networkpolicy.yaml @@ -122,21 +122,21 @@ spec: - podSelector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 14 }} app.kubernetes.io/part-of: grafana-loki + {{- if .Values.compactor.networkPolicy.addExternalClientAccess }} - podSelector: matchLabels: {{ template "grafana-loki.compactor.fullname" . }}-compactor: "true" + {{- end }} + {{- if .Values.compactor.networkPolicy.ingressPodMatchLabels }} + - podSelector: + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.compactor.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }} + {{- end }} {{- if .Values.compactor.networkPolicy.ingressNSMatchLabels }} - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.compactor.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.compactor.networkPolicy.ingressNSMatchLabels "context" $ ) | nindent 14 }} {{- if .Values.compactor.networkPolicy.ingressNSPodMatchLabels }} podSelector: - matchLabels: - {{- range $key, $value := .Values.compactor.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.compactor.networkPolicy.ingressNSPodMatchLabels "context" $ ) | nindent 14 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/grafana-loki/templates/distributor/networkpolicy.yaml b/bitnami/grafana-loki/templates/distributor/networkpolicy.yaml index 651a01c3f2eeab..eb1cfdf52e45ab 100644 --- a/bitnami/grafana-loki/templates/distributor/networkpolicy.yaml +++ b/bitnami/grafana-loki/templates/distributor/networkpolicy.yaml @@ -114,21 +114,21 @@ spec: - podSelector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 14 }} app.kubernetes.io/part-of: grafana-loki + {{- if .Values.distributor.networkPolicy.addExternalClientAccess }} - podSelector: matchLabels: {{ template "grafana-loki.distributor.fullname" . }}-distributor: "true" + {{- end }} + {{- if .Values.distributor.networkPolicy.ingressPodMatchLabels }} + - podSelector: + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.distributor.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }} + {{- end }} {{- if .Values.distributor.networkPolicy.ingressNSMatchLabels }} - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.distributor.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.distributor.networkPolicy.ingressNSMatchLabels "context" $ ) | nindent 14 }} {{- if .Values.distributor.networkPolicy.ingressNSPodMatchLabels }} podSelector: - matchLabels: - {{- range $key, $value := .Values.distributor.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.distributor.networkPolicy.ingressNSPodMatchLabels "context" $ ) | nindent 14 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/grafana-loki/templates/gateway/networkpolicy.yaml b/bitnami/grafana-loki/templates/gateway/networkpolicy.yaml index 4ceffe3f7547f5..ac5b9fefdd5b28 100644 --- a/bitnami/grafana-loki/templates/gateway/networkpolicy.yaml +++ b/bitnami/grafana-loki/templates/gateway/networkpolicy.yaml @@ -113,21 +113,21 @@ spec: - podSelector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 14 }} app.kubernetes.io/part-of: grafana-loki + {{- if .Values.gateway.networkPolicy.addExternalClientAccess }} - podSelector: matchLabels: {{ template "grafana-loki.gateway.fullname" . }}-gateway: "true" + {{- end }} + {{- if .Values.gateway.networkPolicy.ingressPodMatchLabels }} + - podSelector: + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.gateway.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }} + {{- end }} {{- if .Values.gateway.networkPolicy.ingressNSMatchLabels }} - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.gateway.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.gateway.networkPolicy.ingressNSMatchLabels "context" $ ) | nindent 14 }} {{- if .Values.gateway.networkPolicy.ingressNSPodMatchLabels }} podSelector: - matchLabels: - {{- range $key, $value := .Values.gateway.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.gateway.networkPolicy.ingressNSPodMatchLabels "context" $ ) | nindent 14 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/grafana-loki/templates/index-gateway/networkpolicy.yaml b/bitnami/grafana-loki/templates/index-gateway/networkpolicy.yaml index dbcd87242f4d54..78b45b31e62a76 100644 --- a/bitnami/grafana-loki/templates/index-gateway/networkpolicy.yaml +++ b/bitnami/grafana-loki/templates/index-gateway/networkpolicy.yaml @@ -114,21 +114,21 @@ spec: - podSelector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 14 }} app.kubernetes.io/part-of: grafana-loki + {{- if .Values.indexGateway.networkPolicy.addExternalClientAccess }} - podSelector: matchLabels: {{ template "grafana-loki.index-gateway.fullname" . }}-index-gateway: "true" + {{- end }} + {{- if .Values.indexGateway.networkPolicy.ingressPodMatchLabels }} + - podSelector: + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.indexGateway.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }} + {{- end }} {{- if .Values.indexGateway.networkPolicy.ingressNSMatchLabels }} - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.indexGateway.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.indexGateway.networkPolicy.ingressNSMatchLabels "context" $ ) | nindent 14 }} {{- if .Values.indexGateway.networkPolicy.ingressNSPodMatchLabels }} podSelector: - matchLabels: - {{- range $key, $value := .Values.indexGateway.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.indexGateway.networkPolicy.ingressNSPodMatchLabels "context" $ ) | nindent 14 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/grafana-loki/templates/ingester/networkpolicy.yaml b/bitnami/grafana-loki/templates/ingester/networkpolicy.yaml index ac80e9c4e5aa68..7dfbb74c85acfb 100644 --- a/bitnami/grafana-loki/templates/ingester/networkpolicy.yaml +++ b/bitnami/grafana-loki/templates/ingester/networkpolicy.yaml @@ -114,21 +114,21 @@ spec: - podSelector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 14 }} app.kubernetes.io/part-of: grafana-loki + {{- if .Values.ingester.networkPolicy.addExternalClientAccess }} - podSelector: matchLabels: {{ template "grafana-loki.ingester.fullname" . }}-ingester: "true" + {{- end }} + {{- if .Values.ingester.networkPolicy.ingressPodMatchLabels }} + - podSelector: + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.ingester.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }} + {{- end }} {{- if .Values.ingester.networkPolicy.ingressNSMatchLabels }} - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.ingester.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.ingester.networkPolicy.ingressNSMatchLabels "context" $ ) | nindent 14 }} {{- if .Values.ingester.networkPolicy.ingressNSPodMatchLabels }} podSelector: - matchLabels: - {{- range $key, $value := .Values.ingester.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.ingester.networkPolicy.ingressNSPodMatchLabels "context" $ ) | nindent 14 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/grafana-loki/templates/promtail/networkpolicy.yaml b/bitnami/grafana-loki/templates/promtail/networkpolicy.yaml index c586304337e6b1..54b5d803920c5a 100644 --- a/bitnami/grafana-loki/templates/promtail/networkpolicy.yaml +++ b/bitnami/grafana-loki/templates/promtail/networkpolicy.yaml @@ -116,21 +116,21 @@ spec: - podSelector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 14 }} app.kubernetes.io/part-of: grafana-loki + {{- if .Values.promtail.networkPolicy.addExternalClientAccess }} - podSelector: matchLabels: {{ template "grafana-loki.promtail.fullname" . }}-promtail: "true" + {{- end }} + {{- if .Values.promtail.networkPolicy.ingressPodMatchLabels }} + - podSelector: + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.promtail.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }} + {{- end }} {{- if .Values.promtail.networkPolicy.ingressNSMatchLabels }} - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.promtail.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.promtail.networkPolicy.ingressNSMatchLabels "context" $ ) | nindent 14 }} {{- if .Values.promtail.networkPolicy.ingressNSPodMatchLabels }} podSelector: - matchLabels: - {{- range $key, $value := .Values.promtail.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.promtail.networkPolicy.ingressNSPodMatchLabels "context" $ ) | nindent 14 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/grafana-loki/templates/querier/networkpolicy.yaml b/bitnami/grafana-loki/templates/querier/networkpolicy.yaml index 41d667b8557247..5c513ef076354e 100644 --- a/bitnami/grafana-loki/templates/querier/networkpolicy.yaml +++ b/bitnami/grafana-loki/templates/querier/networkpolicy.yaml @@ -114,21 +114,21 @@ spec: - podSelector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 14 }} app.kubernetes.io/part-of: grafana-loki + {{- if .Values.querier.networkPolicy.addExternalClientAccess }} - podSelector: matchLabels: {{ template "grafana-loki.querier.fullname" . }}-querier: "true" + {{- end }} + {{- if .Values.querier.networkPolicy.ingressPodMatchLabels }} + - podSelector: + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.querier.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }} + {{- end }} {{- if .Values.querier.networkPolicy.ingressNSMatchLabels }} - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.querier.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.querier.networkPolicy.ingressNSMatchLabels "context" $ ) | nindent 14 }} {{- if .Values.querier.networkPolicy.ingressNSPodMatchLabels }} podSelector: - matchLabels: - {{- range $key, $value := .Values.querier.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.querier.networkPolicy.ingressNSPodMatchLabels "context" $ ) | nindent 14 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/grafana-loki/templates/query-frontend/networkpolicy.yaml b/bitnami/grafana-loki/templates/query-frontend/networkpolicy.yaml index 9159522db825a2..51554bf463cf56 100644 --- a/bitnami/grafana-loki/templates/query-frontend/networkpolicy.yaml +++ b/bitnami/grafana-loki/templates/query-frontend/networkpolicy.yaml @@ -114,21 +114,21 @@ spec: - podSelector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 14 }} app.kubernetes.io/part-of: grafana-loki + {{- if .Values.queryFrontend.networkPolicy.addExternalClientAccess }} - podSelector: matchLabels: {{ template "grafana-loki.query-frontend.fullname" . }}-query-frontend: "true" + {{- end }} + {{- if .Values.queryFrontend.networkPolicy.ingressPodMatchLabels }} + - podSelector: + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.queryFrontend.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }} + {{- end }} {{- if .Values.queryFrontend.networkPolicy.ingressNSMatchLabels }} - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.queryFrontend.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.queryFrontend.networkPolicy.ingressNSMatchLabels "context" $ ) | nindent 14 }} {{- if .Values.queryFrontend.networkPolicy.ingressNSPodMatchLabels }} podSelector: - matchLabels: - {{- range $key, $value := .Values.queryFrontend.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.queryFrontend.networkPolicy.ingressNSPodMatchLabels "context" $ ) | nindent 14 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/grafana-loki/templates/query-scheduler/networkpolicy.yaml b/bitnami/grafana-loki/templates/query-scheduler/networkpolicy.yaml index 073843534743a1..ff7ae035069637 100644 --- a/bitnami/grafana-loki/templates/query-scheduler/networkpolicy.yaml +++ b/bitnami/grafana-loki/templates/query-scheduler/networkpolicy.yaml @@ -114,21 +114,21 @@ spec: - podSelector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 14 }} app.kubernetes.io/part-of: grafana-loki + {{- if .Values.queryScheduler.networkPolicy.addExternalClientAccess }} - podSelector: matchLabels: {{ template "grafana-loki.query-scheduler.fullname" . }}-query-scheduler: "true" + {{- end }} + {{- if .Values.queryScheduler.networkPolicy.ingressPodMatchLabels }} + - podSelector: + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.queryScheduler.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }} + {{- end }} {{- if .Values.queryScheduler.networkPolicy.ingressNSMatchLabels }} - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.queryScheduler.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.queryScheduler.networkPolicy.ingressNSMatchLabels "context" $ ) | nindent 14 }} {{- if .Values.queryScheduler.networkPolicy.ingressNSPodMatchLabels }} podSelector: - matchLabels: - {{- range $key, $value := .Values.queryScheduler.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.queryScheduler.networkPolicy.ingressNSPodMatchLabels "context" $ ) | nindent 14 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/grafana-loki/templates/ruler/networkpolicy.yaml b/bitnami/grafana-loki/templates/ruler/networkpolicy.yaml index da1021d7a8744b..93464eff81ce56 100644 --- a/bitnami/grafana-loki/templates/ruler/networkpolicy.yaml +++ b/bitnami/grafana-loki/templates/ruler/networkpolicy.yaml @@ -114,21 +114,21 @@ spec: - podSelector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 14 }} app.kubernetes.io/part-of: grafana-loki + {{- if .Values.ruler.networkPolicy.addExternalClientAccess }} - podSelector: matchLabels: {{ template "grafana-loki.ruler.fullname" . }}-ruler: "true" + {{- end }} + {{- if .Values.ruler.networkPolicy.ingressPodMatchLabels }} + - podSelector: + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.ruler.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }} + {{- end }} {{- if .Values.ruler.networkPolicy.ingressNSMatchLabels }} - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.ruler.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.ruler.networkPolicy.ingressNSMatchLabels "context" $ ) | nindent 14 }} {{- if .Values.ruler.networkPolicy.ingressNSPodMatchLabels }} podSelector: - matchLabels: - {{- range $key, $value := .Values.ruler.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.ruler.networkPolicy.ingressNSPodMatchLabels "context" $ ) | nindent 14 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/grafana-loki/templates/table-manager/networkpolicy.yaml b/bitnami/grafana-loki/templates/table-manager/networkpolicy.yaml index b6e495f14934f7..135d4234fd00b4 100644 --- a/bitnami/grafana-loki/templates/table-manager/networkpolicy.yaml +++ b/bitnami/grafana-loki/templates/table-manager/networkpolicy.yaml @@ -114,21 +114,21 @@ spec: - podSelector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 14 }} app.kubernetes.io/part-of: grafana-loki + {{- if .Values.tableManager.networkPolicy.addExternalClientAccess }} - podSelector: matchLabels: {{ template "grafana-loki.table-manager.fullname" . }}-table-manager: "true" + {{- end }} + {{- if .Values.tableManager.networkPolicy.ingressPodMatchLabels }} + - podSelector: + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.tableManager.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }} + {{- end }} {{- if .Values.tableManager.networkPolicy.ingressNSMatchLabels }} - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.tableManager.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.tableManager.networkPolicy.ingressNSMatchLabels "context" $ ) | nindent 14 }} {{- if .Values.tableManager.networkPolicy.ingressNSPodMatchLabels }} podSelector: - matchLabels: - {{- range $key, $value := .Values.tableManager.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.tableManager.networkPolicy.ingressNSPodMatchLabels "context" $ ) | nindent 14 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/grafana-loki/values.yaml b/bitnami/grafana-loki/values.yaml index b7e75259f2fe58..2c8f81eab99d41 100644 --- a/bitnami/grafana-loki/values.yaml +++ b/bitnami/grafana-loki/values.yaml @@ -657,6 +657,9 @@ compactor: ## @param compactor.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. ## allowExternalEgress: true + ## @param compactor.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `compactor.networkPolicy.allowExternal` is true. + ## + addExternalClientAccess: true ## @param compactor.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy ## e.g: ## extraIngress: @@ -690,8 +693,14 @@ compactor: ## - frontend ## extraEgress: [] - ## @param compactor.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param compactor.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## @param compactor.networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `compactor.networkPolicy.allowExternal` is true. + ## e.g: + ## ingressPodMatchLabels: + ## my-client: "true" + # + ingressPodMatchLabels: {} + ## @param compactor.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `compactor.networkPolicy.allowExternal` is true. + ## @param compactor.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `compactor.networkPolicy.allowExternal` is true. ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} @@ -714,7 +723,7 @@ gateway: image: registry: docker.io repository: bitnami/nginx - tag: 1.26.0-debian-12-r0 + tag: 1.26.0-debian-12-r1 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1056,6 +1065,9 @@ gateway: ## @param gateway.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. ## allowExternalEgress: true + ## @param gateway.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `gateway.networkPolicy.allowExternal` is true. + ## + addExternalClientAccess: true ## @param gateway.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy ## e.g: ## extraIngress: @@ -1089,8 +1101,14 @@ gateway: ## - frontend ## extraEgress: [] - ## @param gateway.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param gateway.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## @param gateway.networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `gateway.networkPolicy.allowExternal` is true. + ## e.g: + ## ingressPodMatchLabels: + ## my-client: "true" + # + ingressPodMatchLabels: {} + ## @param gateway.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `gateway.networkPolicy.allowExternal` is true. + ## @param gateway.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `gateway.networkPolicy.allowExternal` is true. ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} @@ -1549,6 +1567,9 @@ indexGateway: ## @param indexGateway.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. ## allowExternalEgress: true + ## @param indexGateway.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `indexGateway.networkPolicy.allowExternal` is true. + ## + addExternalClientAccess: true ## @param indexGateway.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy ## e.g: ## extraIngress: @@ -1582,8 +1603,14 @@ indexGateway: ## - frontend ## extraEgress: [] - ## @param indexGateway.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param indexGateway.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## @param indexGateway.networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `indexGateway.networkPolicy.allowExternal` is true. + ## e.g: + ## ingressPodMatchLabels: + ## my-client: "true" + # + ingressPodMatchLabels: {} + ## @param indexGateway.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `indexGateway.networkPolicy.allowExternal` is true. + ## @param indexGateway.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `indexGateway.networkPolicy.allowExternal` is true. ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} @@ -1903,6 +1930,9 @@ distributor: ## @param distributor.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. ## allowExternalEgress: true + ## @param distributor.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `distributor.networkPolicy.allowExternal` is true. + ## + addExternalClientAccess: true ## @param distributor.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy ## e.g: ## extraIngress: @@ -1936,8 +1966,14 @@ distributor: ## - frontend ## extraEgress: [] - ## @param distributor.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param distributor.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## @param distributor.networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `distributor.networkPolicy.allowExternal` is true. + ## e.g: + ## ingressPodMatchLabels: + ## my-client: "true" + # + ingressPodMatchLabels: {} + ## @param distributor.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `distributor.networkPolicy.allowExternal` is true. + ## @param distributor.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `distributor.networkPolicy.allowExternal` is true. ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} @@ -2300,6 +2336,9 @@ ingester: ## @param ingester.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. ## allowExternalEgress: true + ## @param ingester.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `ingester.networkPolicy.allowExternal` is true. + ## + addExternalClientAccess: true ## @param ingester.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy ## e.g: ## extraIngress: @@ -2333,8 +2372,14 @@ ingester: ## - frontend ## extraEgress: [] - ## @param ingester.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param ingester.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## @param ingester.networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `ingester.networkPolicy.allowExternal` is true. + ## e.g: + ## ingressPodMatchLabels: + ## my-client: "true" + # + ingressPodMatchLabels: {} + ## @param ingester.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `ingester.networkPolicy.allowExternal` is true. + ## @param ingester.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `ingester.networkPolicy.allowExternal` is true. ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} @@ -2697,6 +2742,9 @@ querier: ## @param querier.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. ## allowExternalEgress: true + ## @param querier.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `querier.networkPolicy.allowExternal` is true. + ## + addExternalClientAccess: true ## @param querier.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy ## e.g: ## extraIngress: @@ -2730,8 +2778,14 @@ querier: ## - frontend ## extraEgress: [] - ## @param querier.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param querier.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## @param querier.networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `querier.networkPolicy.allowExternal` is true. + ## e.g: + ## ingressPodMatchLabels: + ## my-client: "true" + # + ingressPodMatchLabels: {} + ## @param querier.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `querier.networkPolicy.allowExternal` is true. + ## @param querier.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `querier.networkPolicy.allowExternal` is true. ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} @@ -3057,6 +3111,9 @@ queryFrontend: ## @param queryFrontend.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. ## allowExternalEgress: true + ## @param queryFrontend.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `queryFrontend.networkPolicy.allowExternal` is true. + ## + addExternalClientAccess: true ## @param queryFrontend.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy ## e.g: ## extraIngress: @@ -3090,8 +3147,14 @@ queryFrontend: ## - frontend ## extraEgress: [] - ## @param queryFrontend.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param queryFrontend.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## @param queryFrontend.networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `queryFrontend.networkPolicy.allowExternal` is true. + ## e.g: + ## ingressPodMatchLabels: + ## my-client: "true" + # + ingressPodMatchLabels: {} + ## @param queryFrontend.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `queryFrontend.networkPolicy.allowExternal` is true. + ## @param queryFrontend.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `queryFrontend.networkPolicy.allowExternal` is true. ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} @@ -3414,6 +3477,9 @@ queryScheduler: ## @param queryScheduler.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. ## allowExternalEgress: true + ## @param queryScheduler.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `queryScheduler.networkPolicy.allowExternal` is true. + ## + addExternalClientAccess: true ## @param queryScheduler.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy ## e.g: ## extraIngress: @@ -3447,8 +3513,14 @@ queryScheduler: ## - frontend ## extraEgress: [] - ## @param queryScheduler.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param queryScheduler.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## @param queryScheduler.networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `queryScheduler.networkPolicy.allowExternal` is true. + ## e.g: + ## ingressPodMatchLabels: + ## my-client: "true" + # + ingressPodMatchLabels: {} + ## @param queryScheduler.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `queryScheduler.networkPolicy.allowExternal` is true. + ## @param queryScheduler.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `queryScheduler.networkPolicy.allowExternal` is true. ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} @@ -3814,6 +3886,9 @@ ruler: ## @param ruler.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. ## allowExternalEgress: true + ## @param ruler.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `ruler.networkPolicy.allowExternal` is true. + ## + addExternalClientAccess: true ## @param ruler.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy ## e.g: ## extraIngress: @@ -3847,8 +3922,14 @@ ruler: ## - frontend ## extraEgress: [] - ## @param ruler.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param ruler.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## @param ruler.networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `ruler.networkPolicy.allowExternal` is true. + ## e.g: + ## ingressPodMatchLabels: + ## my-client: "true" + # + ingressPodMatchLabels: {} + ## @param ruler.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `ruler.networkPolicy.allowExternal` is true. + ## @param ruler.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `ruler.networkPolicy.allowExternal` is true. ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} @@ -4171,6 +4252,9 @@ tableManager: ## @param tableManager.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. ## allowExternalEgress: true + ## @param tableManager.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `tableManager.networkPolicy.allowExternal` is true. + ## + addExternalClientAccess: true ## @param tableManager.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy ## e.g: ## extraIngress: @@ -4204,8 +4288,14 @@ tableManager: ## - frontend ## extraEgress: [] - ## @param tableManager.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param tableManager.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## @param tableManager.networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `tableManager.networkPolicy.allowExternal` is true. + ## e.g: + ## ingressPodMatchLabels: + ## my-client: "true" + # + ingressPodMatchLabels: {} + ## @param tableManager.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `tableManager.networkPolicy.allowExternal` is true. + ## @param tableManager.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `tableManager.networkPolicy.allowExternal` is true. ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} @@ -4227,7 +4317,7 @@ promtail: image: registry: docker.io repository: bitnami/promtail - tag: 3.0.0-debian-12-r4 + tag: 3.0.0-debian-12-r5 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -4647,6 +4737,9 @@ promtail: ## @param promtail.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. ## allowExternalEgress: true + ## @param promtail.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `promtail.networkPolicy.allowExternal` is true. + ## + addExternalClientAccess: true ## @param promtail.networkPolicy.kubeAPIServerPorts [array] List of possible endpoints to kube-apiserver (limit to your cluster settings to increase security) ## kubeAPIServerPorts: [443, 6443, 8443] @@ -4683,8 +4776,14 @@ promtail: ## - frontend ## extraEgress: [] - ## @param promtail.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param promtail.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## @param promtail.networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `promtail.networkPolicy.allowExternal` is true. + ## e.g: + ## ingressPodMatchLabels: + ## my-client: "true" + # + ingressPodMatchLabels: {} + ## @param promtail.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `promtail.networkPolicy.allowExternal` is true. + ## @param promtail.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `promtail.networkPolicy.allowExternal` is true. ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} @@ -4866,7 +4965,7 @@ memcachedchunks: image: registry: docker.io repository: bitnami/memcached - tag: 1.6.27-debian-12-r1 + tag: 1.6.27-debian-12-r2 digest: "" ## @param memcachedchunks.nameOverride override the subchart name ## @@ -4922,7 +5021,7 @@ memcachedfrontend: image: registry: docker.io repository: bitnami/memcached - tag: 1.6.27-debian-12-r1 + tag: 1.6.27-debian-12-r2 digest: "" ## @param memcachedfrontend.architecture Memcached architecture ## @@ -4978,7 +5077,7 @@ memcachedindexqueries: image: registry: docker.io repository: bitnami/memcached - tag: 1.6.27-debian-12-r1 + tag: 1.6.27-debian-12-r2 digest: "" ## @param memcachedindexqueries.architecture Memcached architecture ## @@ -5034,7 +5133,7 @@ memcachedindexwrites: image: registry: docker.io repository: bitnami/memcached - tag: 1.6.27-debian-12-r1 + tag: 1.6.27-debian-12-r2 digest: "" ## @param memcachedindexwrites.architecture Memcached architecture ## diff --git a/bitnami/grafana-mimir/Chart.lock b/bitnami/grafana-mimir/Chart.lock index 9e1c7c0d91d2e0..590e213a158ff4 100644 --- a/bitnami/grafana-mimir/Chart.lock +++ b/bitnami/grafana-mimir/Chart.lock @@ -1,21 +1,21 @@ dependencies: - name: minio repository: oci://registry-1.docker.io/bitnamicharts - version: 14.4.1 + version: 14.4.2 - name: memcached repository: oci://registry-1.docker.io/bitnamicharts - version: 7.0.5 + version: 7.0.6 - name: memcached repository: oci://registry-1.docker.io/bitnamicharts - version: 7.0.5 + version: 7.0.6 - name: memcached repository: oci://registry-1.docker.io/bitnamicharts - version: 7.0.5 + version: 7.0.6 - name: memcached repository: oci://registry-1.docker.io/bitnamicharts - version: 7.0.5 + version: 7.0.6 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:0b170d68af5355bc9fe132d19a5e350db9c0e9c92fb1289b13dc4caf88d142da -generated: "2024-05-13T22:22:47.754561088Z" +digest: sha256:f69eb5d649942de7d803a8f410b162360ca4d057fd22032e747ed29d2f793df1 +generated: "2024-05-18T01:09:48.696895575Z" diff --git a/bitnami/grafana-mimir/Chart.yaml b/bitnami/grafana-mimir/Chart.yaml index 46988ded8f46ee..fecf3aa5485bfe 100644 --- a/bitnami/grafana-mimir/Chart.yaml +++ b/bitnami/grafana-mimir/Chart.yaml @@ -8,9 +8,9 @@ annotations: - name: grafana-mimir image: docker.io/bitnami/grafana-mimir:2.12.0-debian-12-r7 - name: memcached - image: docker.io/bitnami/memcached:1.6.27-debian-12-r1 + image: docker.io/bitnami/memcached:1.6.27-debian-12-r2 - name: nginx - image: docker.io/bitnami/nginx:1.26.0-debian-12-r0 + image: docker.io/bitnami/nginx:1.26.0-debian-12-r1 - name: os-shell image: docker.io/bitnami/os-shell:12-debian-12-r21 apiVersion: v2 @@ -59,4 +59,4 @@ maintainers: name: grafana-mimir sources: - https://github.com/bitnami/charts/tree/main/bitnami/grafana-mimir -version: 1.0.6 +version: 1.0.8 diff --git a/bitnami/grafana-mimir/templates/alertmanager/pdb.yaml b/bitnami/grafana-mimir/templates/alertmanager/pdb.yaml index 30ab0eb4f221e2..d5efa489e711fa 100644 --- a/bitnami/grafana-mimir/templates/alertmanager/pdb.yaml +++ b/bitnami/grafana-mimir/templates/alertmanager/pdb.yaml @@ -3,8 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- $replicaCount := int .Values.alertmanager.replicaCount }} -{{- if and .Values.alertmanager.enabled .Values.alertmanager.pdb.create (gt $replicaCount 1) }} +{{- if and .Values.alertmanager.enabled .Values.alertmanager.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: diff --git a/bitnami/grafana-mimir/templates/compactor/pdb.yaml b/bitnami/grafana-mimir/templates/compactor/pdb.yaml index 26d471cea42e4a..2084954e574e44 100644 --- a/bitnami/grafana-mimir/templates/compactor/pdb.yaml +++ b/bitnami/grafana-mimir/templates/compactor/pdb.yaml @@ -3,8 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- $replicaCount := int .Values.compactor.replicaCount }} -{{- if and .Values.compactor.pdb.create (gt $replicaCount 1) }} +{{- if .Values.compactor.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: diff --git a/bitnami/grafana-mimir/templates/distributor/pdb.yaml b/bitnami/grafana-mimir/templates/distributor/pdb.yaml index 2a393c7d4fd5ea..61b7da70168e99 100644 --- a/bitnami/grafana-mimir/templates/distributor/pdb.yaml +++ b/bitnami/grafana-mimir/templates/distributor/pdb.yaml @@ -3,8 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- $replicaCount := int .Values.distributor.replicaCount }} -{{- if and .Values.distributor.pdb.create (gt $replicaCount 1) }} +{{- if .Values.distributor.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: diff --git a/bitnami/grafana-mimir/templates/gateway/pdb.yaml b/bitnami/grafana-mimir/templates/gateway/pdb.yaml index 9ac2f39d20cf9a..dfa59db0160a57 100644 --- a/bitnami/grafana-mimir/templates/gateway/pdb.yaml +++ b/bitnami/grafana-mimir/templates/gateway/pdb.yaml @@ -3,8 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- $replicaCount := int .Values.gateway.replicaCount }} -{{- if and .Values.gateway.pdb.create (gt $replicaCount 1) }} +{{- if and .Values.gateway.enabled .Values.gateway.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: diff --git a/bitnami/grafana-mimir/templates/ingester/pdb.yaml b/bitnami/grafana-mimir/templates/ingester/pdb.yaml index 6b14a34f3ca709..0f7e3d00b0cc7a 100644 --- a/bitnami/grafana-mimir/templates/ingester/pdb.yaml +++ b/bitnami/grafana-mimir/templates/ingester/pdb.yaml @@ -3,8 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- $replicaCount := int .Values.ingester.replicaCount }} -{{- if and .Values.ingester.pdb.create (gt $replicaCount 1) }} +{{- if .Values.ingester.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: diff --git a/bitnami/grafana-mimir/templates/overrides-exporter/pdb.yaml b/bitnami/grafana-mimir/templates/overrides-exporter/pdb.yaml index 62ffd19cc8ea8f..e5ff0f1ed71ed3 100644 --- a/bitnami/grafana-mimir/templates/overrides-exporter/pdb.yaml +++ b/bitnami/grafana-mimir/templates/overrides-exporter/pdb.yaml @@ -3,8 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- $replicaCount := int .Values.overridesExporter.replicaCount }} -{{- if and .Values.overridesExporter.enabled .Values.overridesExporter.pdb.create (gt $replicaCount 1) }} +{{- if and .Values.overridesExporter.enabled .Values.overridesExporter.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: diff --git a/bitnami/grafana-mimir/templates/querier/pdb.yaml b/bitnami/grafana-mimir/templates/querier/pdb.yaml index b3dc29e886f600..6be56f1529bf2c 100644 --- a/bitnami/grafana-mimir/templates/querier/pdb.yaml +++ b/bitnami/grafana-mimir/templates/querier/pdb.yaml @@ -3,8 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- $replicaCount := int .Values.querier.replicaCount }} -{{- if and .Values.querier.pdb.create (gt $replicaCount 1) }} +{{- if .Values.querier.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: diff --git a/bitnami/grafana-mimir/templates/query-frontend/pdb.yaml b/bitnami/grafana-mimir/templates/query-frontend/pdb.yaml index 94784305382dbd..5faf4e520e9e0c 100644 --- a/bitnami/grafana-mimir/templates/query-frontend/pdb.yaml +++ b/bitnami/grafana-mimir/templates/query-frontend/pdb.yaml @@ -3,8 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- $replicaCount := int .Values.queryFrontend.replicaCount }} -{{- if and .Values.queryFrontend.pdb.create (gt $replicaCount 1) }} +{{- if .Values.queryFrontend.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: diff --git a/bitnami/grafana-mimir/templates/query-scheduler/pdb.yaml b/bitnami/grafana-mimir/templates/query-scheduler/pdb.yaml index 92d866de9996f1..62fa1ca698e81e 100644 --- a/bitnami/grafana-mimir/templates/query-scheduler/pdb.yaml +++ b/bitnami/grafana-mimir/templates/query-scheduler/pdb.yaml @@ -3,8 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- $replicaCount := int .Values.queryScheduler.replicaCount }} -{{- if and .Values.queryScheduler.enabled .Values.queryScheduler.pdb.create (gt $replicaCount 1) }} +{{- if and .Values.queryScheduler.enabled .Values.queryScheduler.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: diff --git a/bitnami/grafana-mimir/templates/ruler/pdb.yaml b/bitnami/grafana-mimir/templates/ruler/pdb.yaml index c41489c7705a91..5d1dce0edddd84 100644 --- a/bitnami/grafana-mimir/templates/ruler/pdb.yaml +++ b/bitnami/grafana-mimir/templates/ruler/pdb.yaml @@ -3,8 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- $replicaCount := int .Values.ruler.replicaCount }} -{{- if and .Values.ruler.pdb.create (gt $replicaCount 1) }} +{{- if and .Values.ruler.enabled .Values.ruler.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: diff --git a/bitnami/grafana-mimir/templates/store-gateway/pdb.yaml b/bitnami/grafana-mimir/templates/store-gateway/pdb.yaml index d35ab8b15a928f..40939f0c2099d0 100644 --- a/bitnami/grafana-mimir/templates/store-gateway/pdb.yaml +++ b/bitnami/grafana-mimir/templates/store-gateway/pdb.yaml @@ -3,8 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} -{{- $replicaCount := int .Values.storeGateway.replicaCount }} -{{- if and .Values.storeGateway.pdb.create (gt $replicaCount 1) }} +{{- if .Values.storeGateway.pdb.create }} apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} kind: PodDisruptionBudget metadata: diff --git a/bitnami/grafana-mimir/values.yaml b/bitnami/grafana-mimir/values.yaml index 0d013c45760da5..dcf0e44005855c 100644 --- a/bitnami/grafana-mimir/values.yaml +++ b/bitnami/grafana-mimir/values.yaml @@ -1571,7 +1571,7 @@ gateway: image: registry: docker.io repository: bitnami/nginx - tag: 1.26.0-debian-12-r0 + tag: 1.26.0-debian-12-r1 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -5066,7 +5066,7 @@ memcachedchunks: image: registry: docker.io repository: bitnami/memcached - tag: 1.6.27-debian-12-r1 + tag: 1.6.27-debian-12-r2 digest: "" ## @param memcachedchunks.nameOverride override the subchart name ## @@ -5122,7 +5122,7 @@ memcachedfrontend: image: registry: docker.io repository: bitnami/memcached - tag: 1.6.27-debian-12-r1 + tag: 1.6.27-debian-12-r2 digest: "" ## @param memcachedfrontend.architecture Memcached architecture ## @@ -5178,7 +5178,7 @@ memcachedindex: image: registry: docker.io repository: bitnami/memcached - tag: 1.6.27-debian-12-r1 + tag: 1.6.27-debian-12-r2 digest: "" ## @param memcachedindex.architecture Memcached architecture ## @@ -5234,7 +5234,7 @@ memcachedmetadata: image: registry: docker.io repository: bitnami/memcached - tag: 1.6.27-debian-12-r1 + tag: 1.6.27-debian-12-r2 digest: "" ## @param memcachedmetadata.architecture Memcached architecture ## diff --git a/bitnami/grafana-operator/Chart.yaml b/bitnami/grafana-operator/Chart.yaml index 933b76a0c08609..aa27fc76f5c1ef 100644 --- a/bitnami/grafana-operator/Chart.yaml +++ b/bitnami/grafana-operator/Chart.yaml @@ -6,7 +6,7 @@ annotations: licenses: Apache-2.0 images: | - name: grafana - image: docker.io/bitnami/grafana:10.4.2-debian-12-r6 + image: docker.io/bitnami/grafana:10.4.3-debian-12-r0 - name: grafana-operator image: docker.io/bitnami/grafana-operator:5.9.0-debian-12-r3 apiVersion: v2 @@ -30,4 +30,4 @@ maintainers: name: grafana-operator sources: - https://github.com/bitnami/charts/tree/main/bitnami/grafana-operator -version: 4.2.3 +version: 4.2.4 diff --git a/bitnami/grafana-operator/values.yaml b/bitnami/grafana-operator/values.yaml index 2d5f336cb3cc49..8b1ccf76f8230e 100644 --- a/bitnami/grafana-operator/values.yaml +++ b/bitnami/grafana-operator/values.yaml @@ -508,7 +508,7 @@ grafana: image: registry: docker.io repository: bitnami/grafana - tag: 10.4.2-debian-12-r6 + tag: 10.4.3-debian-12-r0 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/bitnami/grafana-tempo/Chart.yaml b/bitnami/grafana-tempo/Chart.yaml index b61cdbbba757a4..10f2f30add48c8 100644 --- a/bitnami/grafana-tempo/Chart.yaml +++ b/bitnami/grafana-tempo/Chart.yaml @@ -39,4 +39,4 @@ maintainers: name: grafana-tempo sources: - https://github.com/bitnami/charts/tree/main/bitnami/grafana-tempo -version: 3.2.1 +version: 3.3.1 diff --git a/bitnami/grafana-tempo/README.md b/bitnami/grafana-tempo/README.md index 8ed89cd696ed60..a746975f0034a8 100644 --- a/bitnami/grafana-tempo/README.md +++ b/bitnami/grafana-tempo/README.md @@ -290,27 +290,29 @@ The [Bitnami grafana-tempo](https://github.com/bitnami/containers/tree/main/bitn ### Compactor Traffic Exposure Parameters -| Name | Description | Value | -| ------------------------------------------------- | ---------------------------------------------------------------- | ----------- | -| `compactor.service.type` | Compactor service type | `ClusterIP` | -| `compactor.service.ports.http` | Compactor HTTP service port | `3200` | -| `compactor.service.ports.grpc` | Compactor GRPC service port | `9095` | -| `compactor.service.nodePorts.http` | Node port for HTTP | `""` | -| `compactor.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `compactor.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `compactor.service.clusterIP` | Compactor service Cluster IP | `""` | -| `compactor.service.loadBalancerIP` | Compactor service Load Balancer IP | `""` | -| `compactor.service.loadBalancerSourceRanges` | Compactor service Load Balancer sources | `[]` | -| `compactor.service.externalTrafficPolicy` | Compactor service external traffic policy | `Cluster` | -| `compactor.service.annotations` | Additional custom annotations for Compactor service | `{}` | -| `compactor.service.extraPorts` | Extra ports to expose in the Compactor service | `[]` | -| `compactor.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `compactor.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `compactor.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `compactor.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `compactor.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `compactor.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `compactor.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| Name | Description | Value | +| ------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------- | ----------- | +| `compactor.service.type` | Compactor service type | `ClusterIP` | +| `compactor.service.ports.http` | Compactor HTTP service port | `3200` | +| `compactor.service.ports.grpc` | Compactor GRPC service port | `9095` | +| `compactor.service.nodePorts.http` | Node port for HTTP | `""` | +| `compactor.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `compactor.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `compactor.service.clusterIP` | Compactor service Cluster IP | `""` | +| `compactor.service.loadBalancerIP` | Compactor service Load Balancer IP | `""` | +| `compactor.service.loadBalancerSourceRanges` | Compactor service Load Balancer sources | `[]` | +| `compactor.service.externalTrafficPolicy` | Compactor service external traffic policy | `Cluster` | +| `compactor.service.annotations` | Additional custom annotations for Compactor service | `{}` | +| `compactor.service.extraPorts` | Extra ports to expose in the Compactor service | `[]` | +| `compactor.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `compactor.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `compactor.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `compactor.networkPolicy.addExternalClientAccess` | Allow access from pods with client label set to "true". Ignored if `compactor.networkPolicy.allowExternal` is true. | `true` | +| `compactor.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `compactor.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `compactor.networkPolicy.ingressPodMatchLabels` | Labels to match to allow traffic from other pods. Ignored if `compactor.networkPolicy.allowExternal` is true. | `{}` | +| `compactor.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces. Ignored if `compactor.networkPolicy.allowExternal` is true. | `{}` | +| `compactor.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces. Ignored if `compactor.networkPolicy.allowExternal` is true. | `{}` | ### Distributor Deployment Parameters @@ -386,28 +388,30 @@ The [Bitnami grafana-tempo](https://github.com/bitnami/containers/tree/main/bitn ### Distributor Traffic Exposure Parameters -| Name | Description | Value | -| --------------------------------------------------- | ---------------------------------------------------------------- | ----------- | -| `distributor.service.type` | Distributor service type | `ClusterIP` | -| `distributor.service.ports.http` | Distributor HTTP service port | `3200` | -| `distributor.service.ports.grpc` | Distributor GRPC service port | `9095` | -| `distributor.service.nodePorts.http` | Node port for HTTP | `""` | -| `distributor.service.nodePorts.grpc` | Node port for GRPC | `""` | -| `distributor.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `distributor.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `distributor.service.clusterIP` | Distributor service Cluster IP | `""` | -| `distributor.service.loadBalancerIP` | Distributor service Load Balancer IP | `""` | -| `distributor.service.loadBalancerSourceRanges` | Distributor service Load Balancer sources | `[]` | -| `distributor.service.externalTrafficPolicy` | Distributor service external traffic policy | `Cluster` | -| `distributor.service.annotations` | Additional custom annotations for Distributor service | `{}` | -| `distributor.service.extraPorts` | Extra ports to expose in the Distributor service | `[]` | -| `distributor.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `distributor.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `distributor.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `distributor.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `distributor.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `distributor.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `distributor.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| Name | Description | Value | +| --------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | ----------- | +| `distributor.service.type` | Distributor service type | `ClusterIP` | +| `distributor.service.ports.http` | Distributor HTTP service port | `3200` | +| `distributor.service.ports.grpc` | Distributor GRPC service port | `9095` | +| `distributor.service.nodePorts.http` | Node port for HTTP | `""` | +| `distributor.service.nodePorts.grpc` | Node port for GRPC | `""` | +| `distributor.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `distributor.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `distributor.service.clusterIP` | Distributor service Cluster IP | `""` | +| `distributor.service.loadBalancerIP` | Distributor service Load Balancer IP | `""` | +| `distributor.service.loadBalancerSourceRanges` | Distributor service Load Balancer sources | `[]` | +| `distributor.service.externalTrafficPolicy` | Distributor service external traffic policy | `Cluster` | +| `distributor.service.annotations` | Additional custom annotations for Distributor service | `{}` | +| `distributor.service.extraPorts` | Extra ports to expose in the Distributor service | `[]` | +| `distributor.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `distributor.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `distributor.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `distributor.networkPolicy.addExternalClientAccess` | Allow access from pods with client label set to "true". Ignored if `distributor.networkPolicy.allowExternal` is true. | `true` | +| `distributor.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `distributor.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `distributor.networkPolicy.ingressPodMatchLabels` | Labels to match to allow traffic from other pods. Ignored if `distributor.networkPolicy.allowExternal` is true. | `{}` | +| `distributor.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces. Ignored if `distributor.networkPolicy.allowExternal` is true. | `{}` | +| `distributor.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces. Ignored if `distributor.networkPolicy.allowExternal` is true. | `{}` | ### Metrics Generator Deployment Parameters @@ -484,27 +488,29 @@ The [Bitnami grafana-tempo](https://github.com/bitnami/containers/tree/main/bitn ### Metrics Generator Traffic Exposure Parameters -| Name | Description | Value | -| -------------------------------------------------------- | ---------------------------------------------------------------- | ----------- | -| `metricsGenerator.service.type` | metricsGenerator service type | `ClusterIP` | -| `metricsGenerator.service.ports.http` | metricsGenerator HTTP service port | `3200` | -| `metricsGenerator.service.ports.grpc` | metricsGenerator GRPC service port | `9095` | -| `metricsGenerator.service.nodePorts.http` | Node port for HTTP | `""` | -| `metricsGenerator.service.nodePorts.grpc` | Node port for GRPC | `""` | -| `metricsGenerator.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `metricsGenerator.service.clusterIP` | metricsGenerator service Cluster IP | `""` | -| `metricsGenerator.service.loadBalancerIP` | metricsGenerator service Load Balancer IP | `""` | -| `metricsGenerator.service.loadBalancerSourceRanges` | metricsGenerator service Load Balancer sources | `[]` | -| `metricsGenerator.service.externalTrafficPolicy` | metricsGenerator service external traffic policy | `Cluster` | -| `metricsGenerator.service.annotations` | Additional custom annotations for metricsGenerator service | `{}` | -| `metricsGenerator.service.extraPorts` | Extra ports to expose in the metricsGenerator service | `[]` | -| `metricsGenerator.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `metricsGenerator.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `metricsGenerator.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `metricsGenerator.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `metricsGenerator.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `metricsGenerator.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `metricsGenerator.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| Name | Description | Value | +| -------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------ | ----------- | +| `metricsGenerator.service.type` | metricsGenerator service type | `ClusterIP` | +| `metricsGenerator.service.ports.http` | metricsGenerator HTTP service port | `3200` | +| `metricsGenerator.service.ports.grpc` | metricsGenerator GRPC service port | `9095` | +| `metricsGenerator.service.nodePorts.http` | Node port for HTTP | `""` | +| `metricsGenerator.service.nodePorts.grpc` | Node port for GRPC | `""` | +| `metricsGenerator.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `metricsGenerator.service.clusterIP` | metricsGenerator service Cluster IP | `""` | +| `metricsGenerator.service.loadBalancerIP` | metricsGenerator service Load Balancer IP | `""` | +| `metricsGenerator.service.loadBalancerSourceRanges` | metricsGenerator service Load Balancer sources | `[]` | +| `metricsGenerator.service.externalTrafficPolicy` | metricsGenerator service external traffic policy | `Cluster` | +| `metricsGenerator.service.annotations` | Additional custom annotations for metricsGenerator service | `{}` | +| `metricsGenerator.service.extraPorts` | Extra ports to expose in the metricsGenerator service | `[]` | +| `metricsGenerator.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `metricsGenerator.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `metricsGenerator.networkPolicy.addExternalClientAccess` | Allow access from pods with client label set to "true". Ignored if `metricsGenerator.networkPolicy.allowExternal` is true. | `true` | +| `metricsGenerator.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `metricsGenerator.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `metricsGenerator.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `metricsGenerator.networkPolicy.ingressPodMatchLabels` | Labels to match to allow traffic from other pods. Ignored if `metricsGenerator.networkPolicy.allowExternal` is true. | `{}` | +| `metricsGenerator.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces. Ignored if `metricsGenerator.networkPolicy.allowExternal` is true. | `{}` | +| `metricsGenerator.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces. Ignored if `metricsGenerator.networkPolicy.allowExternal` is true. | `{}` | ### Ingester Deployment Parameters @@ -593,28 +599,30 @@ The [Bitnami grafana-tempo](https://github.com/bitnami/containers/tree/main/bitn ### Ingester Traffic Exposure Parameters -| Name | Description | Value | -| ------------------------------------------------ | ---------------------------------------------------------------- | ----------- | -| `ingester.service.type` | Ingester service type | `ClusterIP` | -| `ingester.service.ports.http` | Ingester HTTP service port | `3200` | -| `ingester.service.ports.grpc` | Ingester GRPC service port | `9095` | -| `ingester.service.nodePorts.http` | Node port for HTTP | `""` | -| `ingester.service.nodePorts.grpc` | Node port for GRPC | `""` | -| `ingester.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `ingester.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `ingester.service.clusterIP` | Ingester service Cluster IP | `""` | -| `ingester.service.loadBalancerIP` | Ingester service Load Balancer IP | `""` | -| `ingester.service.loadBalancerSourceRanges` | Ingester service Load Balancer sources | `[]` | -| `ingester.service.externalTrafficPolicy` | Ingester service external traffic policy | `Cluster` | -| `ingester.service.annotations` | Additional custom annotations for Ingester service | `{}` | -| `ingester.service.extraPorts` | Extra ports to expose in the Ingester service | `[]` | -| `ingester.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `ingester.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `ingester.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `ingester.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `ingester.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `ingester.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `ingester.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| Name | Description | Value | +| ------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------- | ----------- | +| `ingester.service.type` | Ingester service type | `ClusterIP` | +| `ingester.service.ports.http` | Ingester HTTP service port | `3200` | +| `ingester.service.ports.grpc` | Ingester GRPC service port | `9095` | +| `ingester.service.nodePorts.http` | Node port for HTTP | `""` | +| `ingester.service.nodePorts.grpc` | Node port for GRPC | `""` | +| `ingester.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `ingester.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `ingester.service.clusterIP` | Ingester service Cluster IP | `""` | +| `ingester.service.loadBalancerIP` | Ingester service Load Balancer IP | `""` | +| `ingester.service.loadBalancerSourceRanges` | Ingester service Load Balancer sources | `[]` | +| `ingester.service.externalTrafficPolicy` | Ingester service external traffic policy | `Cluster` | +| `ingester.service.annotations` | Additional custom annotations for Ingester service | `{}` | +| `ingester.service.extraPorts` | Extra ports to expose in the Ingester service | `[]` | +| `ingester.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `ingester.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `ingester.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `ingester.networkPolicy.addExternalClientAccess` | Allow access from pods with client label set to "true". Ignored if `ingester.networkPolicy.allowExternal` is true. | `true` | +| `ingester.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `ingester.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `ingester.networkPolicy.ingressPodMatchLabels` | Labels to match to allow traffic from other pods. Ignored if `ingester.networkPolicy.allowExternal` is true. | `{}` | +| `ingester.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces. Ignored if `ingester.networkPolicy.allowExternal` is true. | `{}` | +| `ingester.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces. Ignored if `ingester.networkPolicy.allowExternal` is true. | `{}` | ### Querier Deployment Parameters @@ -690,28 +698,30 @@ The [Bitnami grafana-tempo](https://github.com/bitnami/containers/tree/main/bitn ### Querier Traffic Exposure Parameters -| Name | Description | Value | -| ----------------------------------------------- | ---------------------------------------------------------------- | ----------- | -| `querier.service.type` | Querier service type | `ClusterIP` | -| `querier.service.ports.http` | Querier HTTP service port | `3200` | -| `querier.service.ports.grpc` | Querier GRPC service port | `9095` | -| `querier.service.nodePorts.http` | Node port for HTTP | `""` | -| `querier.service.nodePorts.grpc` | Node port for GRPC | `""` | -| `querier.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `querier.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `querier.service.clusterIP` | Querier service Cluster IP | `""` | -| `querier.service.loadBalancerIP` | Querier service Load Balancer IP | `""` | -| `querier.service.loadBalancerSourceRanges` | Querier service Load Balancer sources | `[]` | -| `querier.service.externalTrafficPolicy` | Querier service external traffic policy | `Cluster` | -| `querier.service.annotations` | Additional custom annotations for Querier service | `{}` | -| `querier.service.extraPorts` | Extra ports to expose in the Querier service | `[]` | -| `querier.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `querier.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `querier.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `querier.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `querier.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `querier.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `querier.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| Name | Description | Value | +| ----------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ----------- | +| `querier.service.type` | Querier service type | `ClusterIP` | +| `querier.service.ports.http` | Querier HTTP service port | `3200` | +| `querier.service.ports.grpc` | Querier GRPC service port | `9095` | +| `querier.service.nodePorts.http` | Node port for HTTP | `""` | +| `querier.service.nodePorts.grpc` | Node port for GRPC | `""` | +| `querier.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `querier.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `querier.service.clusterIP` | Querier service Cluster IP | `""` | +| `querier.service.loadBalancerIP` | Querier service Load Balancer IP | `""` | +| `querier.service.loadBalancerSourceRanges` | Querier service Load Balancer sources | `[]` | +| `querier.service.externalTrafficPolicy` | Querier service external traffic policy | `Cluster` | +| `querier.service.annotations` | Additional custom annotations for Querier service | `{}` | +| `querier.service.extraPorts` | Extra ports to expose in the Querier service | `[]` | +| `querier.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `querier.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `querier.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `querier.networkPolicy.addExternalClientAccess` | Allow access from pods with client label set to "true". Ignored if `querier.networkPolicy.allowExternal` is true. | `true` | +| `querier.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `querier.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `querier.networkPolicy.ingressPodMatchLabels` | Labels to match to allow traffic from other pods. Ignored if `querier.networkPolicy.allowExternal` is true. | `{}` | +| `querier.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces. Ignored if `querier.networkPolicy.allowExternal` is true. | `{}` | +| `querier.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces. Ignored if `querier.networkPolicy.allowExternal` is true. | `{}` | ### Query Frontend Deployment Parameters @@ -837,29 +847,31 @@ The [Bitnami grafana-tempo](https://github.com/bitnami/containers/tree/main/bitn ### Query Frontend Traffic Exposure Parameters -| Name | Description | Value | -| ----------------------------------------------------- | ---------------------------------------------------------------- | ----------- | -| `queryFrontend.service.type` | queryFrontend service type | `ClusterIP` | -| `queryFrontend.service.ports.http` | queryFrontend HTTP service port | `3200` | -| `queryFrontend.service.ports.grpc` | queryFrontend GRPC service port | `9095` | -| `queryFrontend.service.nodePorts.http` | Node port for HTTP | `""` | -| `queryFrontend.service.nodePorts.grpc` | Node port for GRPC | `""` | -| `queryFrontend.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `queryFrontend.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `queryFrontend.service.clusterIP` | queryFrontend service Cluster IP | `""` | -| `queryFrontend.service.loadBalancerIP` | queryFrontend service Load Balancer IP | `""` | -| `queryFrontend.service.loadBalancerSourceRanges` | queryFrontend service Load Balancer sources | `[]` | -| `queryFrontend.service.externalTrafficPolicy` | queryFrontend service external traffic policy | `Cluster` | -| `queryFrontend.service.annotations` | Additional custom annotations for queryFrontend service | `{}` | -| `queryFrontend.service.extraPorts` | Extra ports to expose in the queryFrontend service | `[]` | -| `queryFrontend.service.headless.annotations` | Annotations for the headless service. | `{}` | -| `queryFrontend.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `queryFrontend.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `queryFrontend.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `queryFrontend.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `queryFrontend.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `queryFrontend.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `queryFrontend.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| Name | Description | Value | +| ----------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------- | ----------- | +| `queryFrontend.service.type` | queryFrontend service type | `ClusterIP` | +| `queryFrontend.service.ports.http` | queryFrontend HTTP service port | `3200` | +| `queryFrontend.service.ports.grpc` | queryFrontend GRPC service port | `9095` | +| `queryFrontend.service.nodePorts.http` | Node port for HTTP | `""` | +| `queryFrontend.service.nodePorts.grpc` | Node port for GRPC | `""` | +| `queryFrontend.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `queryFrontend.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `queryFrontend.service.clusterIP` | queryFrontend service Cluster IP | `""` | +| `queryFrontend.service.loadBalancerIP` | queryFrontend service Load Balancer IP | `""` | +| `queryFrontend.service.loadBalancerSourceRanges` | queryFrontend service Load Balancer sources | `[]` | +| `queryFrontend.service.externalTrafficPolicy` | queryFrontend service external traffic policy | `Cluster` | +| `queryFrontend.service.annotations` | Additional custom annotations for queryFrontend service | `{}` | +| `queryFrontend.service.extraPorts` | Extra ports to expose in the queryFrontend service | `[]` | +| `queryFrontend.service.headless.annotations` | Annotations for the headless service. | `{}` | +| `queryFrontend.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `queryFrontend.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `queryFrontend.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `queryFrontend.networkPolicy.addExternalClientAccess` | Allow access from pods with client label set to "true". Ignored if `queryFrontend.networkPolicy.allowExternal` is true. | `true` | +| `queryFrontend.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `queryFrontend.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `queryFrontend.networkPolicy.ingressPodMatchLabels` | Labels to match to allow traffic from other pods. Ignored if `queryFrontend.networkPolicy.allowExternal` is true. | `{}` | +| `queryFrontend.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces. Ignored if `queryFrontend.networkPolicy.allowExternal` is true. | `{}` | +| `queryFrontend.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces. Ignored if `queryFrontend.networkPolicy.allowExternal` is true. | `{}` | ### Vulture Deployment Parameters @@ -942,26 +954,28 @@ The [Bitnami grafana-tempo](https://github.com/bitnami/containers/tree/main/bitn ### Vulture Traffic Exposure Parameters -| Name | Description | Value | -| ----------------------------------------------- | ---------------------------------------------------------------- | ----------- | -| `vulture.service.type` | Vulture service type | `ClusterIP` | -| `vulture.service.ports.http` | Vulture HTTP service port | `3200` | -| `vulture.service.nodePorts.http` | Node port for HTTP | `""` | -| `vulture.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `vulture.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `vulture.service.clusterIP` | Vulture service Cluster IP | `""` | -| `vulture.service.loadBalancerIP` | Vulture service Load Balancer IP | `""` | -| `vulture.service.loadBalancerSourceRanges` | Vulture service Load Balancer sources | `[]` | -| `vulture.service.externalTrafficPolicy` | Vulture service external traffic policy | `Cluster` | -| `vulture.service.annotations` | Additional custom annotations for Vulture service | `{}` | -| `vulture.service.extraPorts` | Extra ports to expose in the Vulture service | `[]` | -| `vulture.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `vulture.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `vulture.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `vulture.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `vulture.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `vulture.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `vulture.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| Name | Description | Value | +| ----------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ----------- | +| `vulture.service.type` | Vulture service type | `ClusterIP` | +| `vulture.service.ports.http` | Vulture HTTP service port | `3200` | +| `vulture.service.nodePorts.http` | Node port for HTTP | `""` | +| `vulture.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `vulture.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `vulture.service.clusterIP` | Vulture service Cluster IP | `""` | +| `vulture.service.loadBalancerIP` | Vulture service Load Balancer IP | `""` | +| `vulture.service.loadBalancerSourceRanges` | Vulture service Load Balancer sources | `[]` | +| `vulture.service.externalTrafficPolicy` | Vulture service external traffic policy | `Cluster` | +| `vulture.service.annotations` | Additional custom annotations for Vulture service | `{}` | +| `vulture.service.extraPorts` | Extra ports to expose in the Vulture service | `[]` | +| `vulture.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `vulture.networkPolicy.allowExternal` | Don't require server label for connections | `true` | +| `vulture.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `vulture.networkPolicy.addExternalClientAccess` | Allow access from pods with client label set to "true". Ignored if `vulture.networkPolicy.allowExternal` is true. | `true` | +| `vulture.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `vulture.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `vulture.networkPolicy.ingressPodMatchLabels` | Labels to match to allow traffic from other pods. Ignored if `vulture.networkPolicy.allowExternal` is true. | `{}` | +| `vulture.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces. Ignored if `vulture.networkPolicy.allowExternal` is true. | `{}` | +| `vulture.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces. Ignored if `vulture.networkPolicy.allowExternal` is true. | `{}` | ### Init Container Parameters diff --git a/bitnami/grafana-tempo/templates/compactor/networkpolicy.yaml b/bitnami/grafana-tempo/templates/compactor/networkpolicy.yaml index 376323fa3e5395..6679599bff05e9 100644 --- a/bitnami/grafana-tempo/templates/compactor/networkpolicy.yaml +++ b/bitnami/grafana-tempo/templates/compactor/networkpolicy.yaml @@ -100,21 +100,21 @@ spec: - port: {{ .Values.tempo.containerPorts.grpc }} {{- if not .Values.compactor.networkPolicy.allowExternal }} from: + {{- if .Values.compactor.networkPolicy.addExternalClientAccess }} - podSelector: matchLabels: {{ template "grafana-tempo.compactor.fullname" . }}-compactor: "true" + {{- end }} + {{- if .Values.compactor.networkPolicy.ingressPodMatchLabels }} + - podSelector: + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.compactor.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }} + {{- end }} {{- if .Values.compactor.networkPolicy.ingressNSMatchLabels }} - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.compactor.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.compactor.networkPolicy.ingressNSMatchLabels "context" $ ) | nindent 14 }} {{- if .Values.compactor.networkPolicy.ingressNSPodMatchLabels }} podSelector: - matchLabels: - {{- range $key, $value := .Values.compactor.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.compactor.networkPolicy.ingressNSPodMatchLabels "context" $ ) | nindent 14 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/grafana-tempo/templates/distributor/networkpolicy.yaml b/bitnami/grafana-tempo/templates/distributor/networkpolicy.yaml index 001332fce325fd..3be4f110be0ee0 100644 --- a/bitnami/grafana-tempo/templates/distributor/networkpolicy.yaml +++ b/bitnami/grafana-tempo/templates/distributor/networkpolicy.yaml @@ -127,21 +127,21 @@ spec: {{- end }} {{- if not .Values.distributor.networkPolicy.allowExternal }} from: + {{- if .Values.distributor.networkPolicy.addExternalClientAccess }} - podSelector: matchLabels: {{ template "grafana-tempo.distributor.fullname" . }}-distributor: "true" + {{- end }} + {{- if .Values.distributor.networkPolicy.ingressPodMatchLabels }} + - podSelector: + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.distributor.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }} + {{- end }} {{- if .Values.distributor.networkPolicy.ingressNSMatchLabels }} - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.distributor.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.distributor.networkPolicy.ingressNSMatchLabels "context" $ ) | nindent 14 }} {{- if .Values.distributor.networkPolicy.ingressNSPodMatchLabels }} podSelector: - matchLabels: - {{- range $key, $value := .Values.distributor.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.distributor.networkPolicy.ingressNSPodMatchLabels "context" $ ) | nindent 14 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/grafana-tempo/templates/ingester/networkpolicy.yaml b/bitnami/grafana-tempo/templates/ingester/networkpolicy.yaml index 238c197f42315f..72c99611b66b96 100644 --- a/bitnami/grafana-tempo/templates/ingester/networkpolicy.yaml +++ b/bitnami/grafana-tempo/templates/ingester/networkpolicy.yaml @@ -100,21 +100,21 @@ spec: - port: {{ .Values.tempo.containerPorts.grpc }} {{- if not .Values.ingester.networkPolicy.allowExternal }} from: + {{- if .Values.ingester.networkPolicy.addExternalClientAccess }} - podSelector: matchLabels: {{ template "grafana-tempo.ingester.fullname" . }}-ingester: "true" + {{- end }} + {{- if .Values.ingester.networkPolicy.ingressPodMatchLabels }} + - podSelector: + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.ingester.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }} + {{- end }} {{- if .Values.ingester.networkPolicy.ingressNSMatchLabels }} - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.ingester.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.ingester.networkPolicy.ingressNSMatchLabels "context" $ ) | nindent 14 }} {{- if .Values.ingester.networkPolicy.ingressNSPodMatchLabels }} podSelector: - matchLabels: - {{- range $key, $value := .Values.ingester.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.ingester.networkPolicy.ingressNSPodMatchLabels "context" $ ) | nindent 14 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/grafana-tempo/templates/metrics-generator/networkpolicy.yaml b/bitnami/grafana-tempo/templates/metrics-generator/networkpolicy.yaml index 784beafaa5b01f..bceaf8dee0275b 100644 --- a/bitnami/grafana-tempo/templates/metrics-generator/networkpolicy.yaml +++ b/bitnami/grafana-tempo/templates/metrics-generator/networkpolicy.yaml @@ -100,21 +100,21 @@ spec: - port: {{ .Values.tempo.containerPorts.grpc }} {{- if not .Values.metricsGenerator.networkPolicy.allowExternal }} from: + {{- if .Values.metricsGenerator.networkPolicy.addExternalClientAccess }} - podSelector: matchLabels: {{ template "grafana-tempo.metrics-generator.fullname" . }}-metrics-generator: "true" + {{- end }} + {{- if .Values.metricsGenerator.networkPolicy.ingressPodMatchLabels }} + - podSelector: + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.metricsGenerator.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }} + {{- end }} {{- if .Values.metricsGenerator.networkPolicy.ingressNSMatchLabels }} - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.metricsGenerator.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.metricsGenerator.networkPolicy.ingressNSMatchLabels "context" $ ) | nindent 14 }} {{- if .Values.metricsGenerator.networkPolicy.ingressNSPodMatchLabels }} podSelector: - matchLabels: - {{- range $key, $value := .Values.metricsGenerator.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.metricsGenerator.networkPolicy.ingressNSPodMatchLabels "context" $ ) | nindent 14 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/grafana-tempo/templates/querier/networkpolicy.yaml b/bitnami/grafana-tempo/templates/querier/networkpolicy.yaml index 7854a446e759dc..f272fc1e1bbfaa 100644 --- a/bitnami/grafana-tempo/templates/querier/networkpolicy.yaml +++ b/bitnami/grafana-tempo/templates/querier/networkpolicy.yaml @@ -100,21 +100,21 @@ spec: - port: {{ .Values.tempo.containerPorts.grpc }} {{- if not .Values.querier.networkPolicy.allowExternal }} from: + {{- if .Values.querier.networkPolicy.addExternalClientAccess }} - podSelector: matchLabels: {{ template "grafana-tempo.querier.fullname" . }}-querier: "true" + {{- end }} + {{- if .Values.querier.networkPolicy.ingressPodMatchLabels }} + - podSelector: + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.querier.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }} + {{- end }} {{- if .Values.querier.networkPolicy.ingressNSMatchLabels }} - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.querier.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.querier.networkPolicy.ingressNSMatchLabels "context" $ ) | nindent 14 }} {{- if .Values.querier.networkPolicy.ingressNSPodMatchLabels }} podSelector: - matchLabels: - {{- range $key, $value := .Values.querier.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.querier.networkPolicy.ingressNSPodMatchLabels "context" $ ) | nindent 14 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/grafana-tempo/templates/query-frontend/networkpolicy.yaml b/bitnami/grafana-tempo/templates/query-frontend/networkpolicy.yaml index 6a7eec1a97d3ef..57b82d0392bc36 100644 --- a/bitnami/grafana-tempo/templates/query-frontend/networkpolicy.yaml +++ b/bitnami/grafana-tempo/templates/query-frontend/networkpolicy.yaml @@ -110,21 +110,21 @@ spec: - port: {{ .Values.queryFrontend.query.containerPorts.jaegerMetrics }} {{- if not .Values.queryFrontend.networkPolicy.allowExternal }} from: + {{- if .Values.queryFrontend.networkPolicy.addExternalClientAccess }} - podSelector: matchLabels: {{ template "grafana-tempo.query-frontend.fullname" . }}-query-frontend: "true" + {{- end }} + {{- if .Values.queryFrontend.networkPolicy.ingressPodMatchLabels }} + - podSelector: + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.queryFrontend.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }} + {{- end }} {{- if .Values.queryFrontend.networkPolicy.ingressNSMatchLabels }} - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.queryFrontend.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.queryFrontend.networkPolicy.ingressNSMatchLabels "context" $ ) | nindent 14 }} {{- if .Values.queryFrontend.networkPolicy.ingressNSPodMatchLabels }} podSelector: - matchLabels: - {{- range $key, $value := .Values.queryFrontend.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.queryFrontend.networkPolicy.ingressNSPodMatchLabels "context" $ ) | nindent 14 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/grafana-tempo/templates/vulture/networkpolicy.yaml b/bitnami/grafana-tempo/templates/vulture/networkpolicy.yaml index 112c0d25d486f6..3c8ea53c909e78 100644 --- a/bitnami/grafana-tempo/templates/vulture/networkpolicy.yaml +++ b/bitnami/grafana-tempo/templates/vulture/networkpolicy.yaml @@ -98,21 +98,21 @@ spec: - port: {{ .Values.vulture.containerPorts.http }} {{- if not .Values.vulture.networkPolicy.allowExternal }} from: + {{- if .Values.vulture.networkPolicy.addExternalClientAccess }} - podSelector: matchLabels: {{ template "grafana-tempo.vulture.fullname" . }}-vulture: "true" + {{- end }} + {{- if .Values.vulture.networkPolicy.ingressPodMatchLabels }} + - podSelector: + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.vulture.networkPolicy.ingressPodMatchLabels "context" $ ) | nindent 14 }} + {{- end }} {{- if .Values.vulture.networkPolicy.ingressNSMatchLabels }} - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.vulture.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.vulture.networkPolicy.ingressNSMatchLabels "context" $ ) | nindent 14 }} {{- if .Values.vulture.networkPolicy.ingressNSPodMatchLabels }} podSelector: - matchLabels: - {{- range $key, $value := .Values.vulture.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} + matchLabels: {{- include "common.tplvalues.render" (dict "value" .Values.vulture.networkPolicy.ingressNSPodMatchLabels "context" $ ) | nindent 14 }} {{- end }} {{- end }} {{- end }} diff --git a/bitnami/grafana-tempo/values.yaml b/bitnami/grafana-tempo/values.yaml index ddbf5643f637f2..aa4061133f9ded 100644 --- a/bitnami/grafana-tempo/values.yaml +++ b/bitnami/grafana-tempo/values.yaml @@ -578,6 +578,9 @@ compactor: ## @param compactor.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. ## allowExternalEgress: true + ## @param compactor.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `compactor.networkPolicy.allowExternal` is true. + ## + addExternalClientAccess: true ## @param compactor.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy ## e.g: ## extraIngress: @@ -611,8 +614,14 @@ compactor: ## - frontend ## extraEgress: [] - ## @param compactor.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param compactor.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## @param compactor.networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `compactor.networkPolicy.allowExternal` is true. + ## e.g: + ## ingressPodMatchLabels: + ## my-client: "true" + # + ingressPodMatchLabels: {} + ## @param compactor.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `compactor.networkPolicy.allowExternal` is true. + ## @param compactor.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `compactor.networkPolicy.allowExternal` is true. ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} @@ -933,6 +942,9 @@ distributor: ## @param distributor.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. ## allowExternalEgress: true + ## @param distributor.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `distributor.networkPolicy.allowExternal` is true. + ## + addExternalClientAccess: true ## @param distributor.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy ## e.g: ## extraIngress: @@ -966,8 +978,14 @@ distributor: ## - frontend ## extraEgress: [] - ## @param distributor.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param distributor.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## @param distributor.networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `distributor.networkPolicy.allowExternal` is true. + ## e.g: + ## ingressPodMatchLabels: + ## my-client: "true" + # + ingressPodMatchLabels: {} + ## @param distributor.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `distributor.networkPolicy.allowExternal` is true. + ## @param distributor.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `distributor.networkPolicy.allowExternal` is true. ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} @@ -1282,6 +1300,9 @@ metricsGenerator: ## (with the correct destination port). ## allowExternal: true + ## @param metricsGenerator.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `metricsGenerator.networkPolicy.allowExternal` is true. + ## + addExternalClientAccess: true ## @param metricsGenerator.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. ## allowExternalEgress: true @@ -1318,8 +1339,14 @@ metricsGenerator: ## - frontend ## extraEgress: [] - ## @param metricsGenerator.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param metricsGenerator.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## @param metricsGenerator.networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `metricsGenerator.networkPolicy.allowExternal` is true. + ## e.g: + ## ingressPodMatchLabels: + ## my-client: "true" + # + ingressPodMatchLabels: {} + ## @param metricsGenerator.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `metricsGenerator.networkPolicy.allowExternal` is true. + ## @param metricsGenerator.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `metricsGenerator.networkPolicy.allowExternal` is true. ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} @@ -1682,6 +1709,9 @@ ingester: ## @param ingester.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. ## allowExternalEgress: true + ## @param ingester.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `ingester.networkPolicy.allowExternal` is true. + ## + addExternalClientAccess: true ## @param ingester.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy ## e.g: ## extraIngress: @@ -1715,8 +1745,14 @@ ingester: ## - frontend ## extraEgress: [] - ## @param ingester.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param ingester.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## @param ingester.networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `ingester.networkPolicy.allowExternal` is true. + ## e.g: + ## ingressPodMatchLabels: + ## my-client: "true" + # + ingressPodMatchLabels: {} + ## @param ingester.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `ingester.networkPolicy.allowExternal` is true. + ## @param ingester.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `ingester.networkPolicy.allowExternal` is true. ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} @@ -2037,6 +2073,9 @@ querier: ## @param querier.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. ## allowExternalEgress: true + ## @param querier.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `querier.networkPolicy.allowExternal` is true. + ## + addExternalClientAccess: true ## @param querier.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy ## e.g: ## extraIngress: @@ -2070,8 +2109,14 @@ querier: ## - frontend ## extraEgress: [] - ## @param querier.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param querier.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## @param querier.networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `querier.networkPolicy.allowExternal` is true. + ## e.g: + ## ingressPodMatchLabels: + ## my-client: "true" + # + ingressPodMatchLabels: {} + ## @param querier.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `querier.networkPolicy.allowExternal` is true. + ## @param querier.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `querier.networkPolicy.allowExternal` is true. ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} @@ -2566,6 +2611,9 @@ queryFrontend: ## @param queryFrontend.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. ## allowExternalEgress: true + ## @param queryFrontend.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `queryFrontend.networkPolicy.allowExternal` is true. + ## + addExternalClientAccess: true ## @param queryFrontend.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy ## e.g: ## extraIngress: @@ -2599,8 +2647,14 @@ queryFrontend: ## - frontend ## extraEgress: [] - ## @param queryFrontend.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param queryFrontend.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## @param queryFrontend.networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `queryFrontend.networkPolicy.allowExternal` is true. + ## e.g: + ## ingressPodMatchLabels: + ## my-client: "true" + # + ingressPodMatchLabels: {} + ## @param queryFrontend.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `queryFrontend.networkPolicy.allowExternal` is true. + ## @param queryFrontend.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `queryFrontend.networkPolicy.allowExternal` is true. ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} @@ -2952,6 +3006,9 @@ vulture: ## @param vulture.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. ## allowExternalEgress: true + ## @param vulture.networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `vulture.networkPolicy.allowExternal` is true. + ## + addExternalClientAccess: true ## @param vulture.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy ## e.g: ## extraIngress: @@ -2985,8 +3042,14 @@ vulture: ## - frontend ## extraEgress: [] - ## @param vulture.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param vulture.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces + ## @param vulture.networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `vulture.networkPolicy.allowExternal` is true. + ## e.g: + ## ingressPodMatchLabels: + ## my-client: "true" + # + ingressPodMatchLabels: {} + ## @param vulture.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `vulture.networkPolicy.allowExternal` is true. + ## @param vulture.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `vulture.networkPolicy.allowExternal` is true. ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} diff --git a/bitnami/grafana/Chart.yaml b/bitnami/grafana/Chart.yaml index 23bd202e6d8adb..cd609a8f98f0a5 100644 --- a/bitnami/grafana/Chart.yaml +++ b/bitnami/grafana/Chart.yaml @@ -31,4 +31,4 @@ maintainers: name: grafana sources: - https://github.com/bitnami/charts/tree/main/bitnami/grafana -version: 10.0.12 +version: 10.1.1 diff --git a/bitnami/grafana/README.md b/bitnami/grafana/README.md index 1d8661bcd7e3bd..608add262a80cd 100644 --- a/bitnami/grafana/README.md +++ b/bitnami/grafana/README.md @@ -512,6 +512,7 @@ See the [Parameters](#parameters) section to configure the PVC or to disable per | `grafana.lifecycleHooks` | for the Grafana container(s) to automate configuration before or after startup | `{}` | | `grafana.sidecars` | Attach additional sidecar containers to the Grafana pod | `[]` | | `grafana.initContainers` | Add additional init containers to the Grafana pod(s) | `[]` | +| `grafana.enableServiceLinks` | Whether information about services should be injected into pod's environment variable | `true` | | `grafana.extraVolumes` | Additional volumes for the Grafana pod | `[]` | | `grafana.extraVolumeMounts` | Additional volume mounts for the Grafana container | `[]` | | `grafana.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Grafana nodes | `""` | diff --git a/bitnami/grafana/templates/deployment.yaml b/bitnami/grafana/templates/deployment.yaml index a1c14583e00685..4a035dc6f1a8ea 100644 --- a/bitnami/grafana/templates/deployment.yaml +++ b/bitnami/grafana/templates/deployment.yaml @@ -77,6 +77,7 @@ spec: {{- if .Values.grafana.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.grafana.terminationGracePeriodSeconds }} {{- end }} + enableServiceLinks: {{ .Values.grafana.enableServiceLinks }} initContainers: {{- if .Values.volumePermissions.enabled }} - name: volume-permissions diff --git a/bitnami/grafana/values.yaml b/bitnami/grafana/values.yaml index 46fd48345da52b..0aa875abd505a7 100644 --- a/bitnami/grafana/values.yaml +++ b/bitnami/grafana/values.yaml @@ -536,6 +536,11 @@ grafana: ## command: ['sh', '-c', 'echo "hello world"'] ## initContainers: [] + ## @param grafana.enableServiceLinks Whether information about services should be injected into pod's environment variable + ## The environment variables injected by service links are not used, but can lead to slow boot times or slow running of the scripts when there are many services in the current namespace. + ## If you experience slow pod startups or slow running of the scripts you probably want to set this to `false`. + ## + enableServiceLinks: true ## @param grafana.extraVolumes Additional volumes for the Grafana pod ## Example: ## extraVolumes: diff --git a/bitnami/haproxy/Chart.yaml b/bitnami/haproxy/Chart.yaml index 738df8f76d5a8c..c4b4d0e3ac660e 100644 --- a/bitnami/haproxy/Chart.yaml +++ b/bitnami/haproxy/Chart.yaml @@ -28,4 +28,4 @@ maintainers: name: haproxy sources: - https://github.com/bitnami/charts/tree/main/bitnami/haproxy -version: 1.1.2 +version: 1.2.1 diff --git a/bitnami/haproxy/README.md b/bitnami/haproxy/README.md index 03b3ead8a9cc32..7503c6adddba18 100644 --- a/bitnami/haproxy/README.md +++ b/bitnami/haproxy/README.md @@ -333,6 +333,7 @@ As an alternative, use one of the preset configurations for pod affinity, pod an | `serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | | `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | | `serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `enableServiceLinks` | If set to false, disable Kubernetes service links in the pod spec | `true` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, diff --git a/bitnami/haproxy/templates/deployment.yaml b/bitnami/haproxy/templates/deployment.yaml index 765d0cdac7ee9f..d61f133409e47d 100644 --- a/bitnami/haproxy/templates/deployment.yaml +++ b/bitnami/haproxy/templates/deployment.yaml @@ -71,6 +71,7 @@ spec: {{- if .Values.podSecurityContext.enabled }} securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.podSecurityContext "context" $) | nindent 8 }} {{- end }} + enableServiceLinks: {{ .Values.enableServiceLinks }} {{- if .Values.initContainers }} initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }} {{- end }} diff --git a/bitnami/haproxy/values.yaml b/bitnami/haproxy/values.yaml index 51ef92db8c3025..f003ede068b4e5 100644 --- a/bitnami/haproxy/values.yaml +++ b/bitnami/haproxy/values.yaml @@ -623,3 +623,8 @@ serviceAccount: name: "" automountServiceAccountToken: false annotations: {} + +## @param enableServiceLinks If set to false, disable Kubernetes service links in the pod spec +## Ref: https://kubernetes.io/docs/tutorials/services/connect-applications-service/#accessing-the-service +## +enableServiceLinks: true \ No newline at end of file diff --git a/bitnami/harbor/Chart.lock b/bitnami/harbor/Chart.lock index aa39128f1ca007..edac8295bdfd67 100644 --- a/bitnami/harbor/Chart.lock +++ b/bitnami/harbor/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: redis repository: oci://registry-1.docker.io/bitnamicharts - version: 19.3.1 + version: 19.3.3 - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 15.3.1 + version: 15.3.3 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:fabff0ead749d34e71b1d91c0a88b7df583a2e678070b920fbf256b313dbc5c0 -generated: "2024-05-14T05:19:08.658113514Z" +digest: sha256:411328c616c8c6d6a52d577ed33ca804f362cc87f8a2b61f1e52fa083172144b +generated: "2024-05-18T03:58:06.879392461Z" diff --git a/bitnami/harbor/Chart.yaml b/bitnami/harbor/Chart.yaml index 94af885c78d6dd..7264dd8164e487 100644 --- a/bitnami/harbor/Chart.yaml +++ b/bitnami/harbor/Chart.yaml @@ -55,4 +55,4 @@ maintainers: name: harbor sources: - https://github.com/bitnami/charts/tree/main/bitnami/harbor -version: 21.1.5 +version: 21.1.6 diff --git a/bitnami/influxdb/Chart.yaml b/bitnami/influxdb/Chart.yaml index 0733fab565508d..c6195f23acf72e 100644 --- a/bitnami/influxdb/Chart.yaml +++ b/bitnami/influxdb/Chart.yaml @@ -6,11 +6,11 @@ annotations: licenses: Apache-2.0 images: | - name: aws-cli - image: docker.io/bitnami/aws-cli:2.15.40-debian-12-r3 + image: docker.io/bitnami/aws-cli:2.15.50-debian-12-r0 - name: azure-cli image: docker.io/bitnami/azure-cli:2.60.0-debian-12-r2 - name: google-cloud-sdk - image: docker.io/bitnami/google-cloud-sdk:0.475.0-debian-12-r1 + image: docker.io/bitnami/google-cloud-sdk:0.476.0-debian-12-r0 - name: influxdb image: docker.io/bitnami/influxdb:2.7.6-debian-12-r8 - name: os-shell @@ -37,4 +37,4 @@ maintainers: name: influxdb sources: - https://github.com/bitnami/charts/tree/main/bitnami/influxdb -version: 6.0.12 +version: 6.0.13 diff --git a/bitnami/influxdb/values.yaml b/bitnami/influxdb/values.yaml index c09351d426e9bb..de489c1c2c1e50 100644 --- a/bitnami/influxdb/values.yaml +++ b/bitnami/influxdb/values.yaml @@ -1060,7 +1060,7 @@ backup: image: registry: docker.io repository: bitnami/google-cloud-sdk - tag: 0.475.0-debian-12-r1 + tag: 0.476.0-debian-12-r0 digest: "" ## Specify a imagePullPolicy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images @@ -1170,7 +1170,7 @@ backup: image: registry: docker.io repository: bitnami/aws-cli - tag: 2.15.40-debian-12-r3 + tag: 2.15.50-debian-12-r0 digest: "" ## Specify a imagePullPolicy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images diff --git a/bitnami/jaeger/Chart.lock b/bitnami/jaeger/Chart.lock index a30b2b91aee966..e3cb1503d5bbcf 100644 --- a/bitnami/jaeger/Chart.lock +++ b/bitnami/jaeger/Chart.lock @@ -4,6 +4,6 @@ dependencies: version: 2.19.2 - name: cassandra repository: oci://registry-1.docker.io/bitnamicharts - version: 11.1.5 -digest: sha256:814c074ee5fc8ba80d724d2083b80f54acd49087249dae34fa60ea657413251c -generated: "2024-05-14T04:53:41.168154334Z" + version: 11.1.7 +digest: sha256:78bee9075e1c9eacaeb8943fadfb2b907f3007220df3dca339f692e1b9d851fd +generated: "2024-05-18T01:15:45.586358019Z" diff --git a/bitnami/jaeger/Chart.yaml b/bitnami/jaeger/Chart.yaml index 5a7be525fc6db0..7d5138d1482c90 100644 --- a/bitnami/jaeger/Chart.yaml +++ b/bitnami/jaeger/Chart.yaml @@ -34,4 +34,4 @@ maintainers: name: jaeger sources: - https://github.com/bitnami/charts/tree/main/bitnami/jaeger -version: 2.1.4 +version: 2.1.5 diff --git a/bitnami/janusgraph/Chart.lock b/bitnami/janusgraph/Chart.lock index fc6cb71f1594cf..b7a35ebce1e5ac 100644 --- a/bitnami/janusgraph/Chart.lock +++ b/bitnami/janusgraph/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: cassandra repository: oci://registry-1.docker.io/bitnamicharts - version: 11.1.5 + version: 11.1.7 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:cf2aba62622fd16d3137fdc1edea93ee524c7f9d6460532fea8eba06e50f539b -generated: "2024-05-14T04:54:40.295856611Z" +digest: sha256:ced9381cea9fd6c9a01a176200be0171748ebf3c0c2004b31a12c9bf81e6a706 +generated: "2024-05-18T01:15:49.251069125Z" diff --git a/bitnami/janusgraph/Chart.yaml b/bitnami/janusgraph/Chart.yaml index 353ef0f6cc4059..246c3d383d5f29 100644 --- a/bitnami/janusgraph/Chart.yaml +++ b/bitnami/janusgraph/Chart.yaml @@ -37,4 +37,4 @@ name: janusgraph sources: - https://github.com/bitnami/containers/tree/main/bitnami/janusgraph - https://github.com/janusgraph/janusgraph -version: 0.1.6 +version: 0.1.7 diff --git a/bitnami/jenkins/Chart.yaml b/bitnami/jenkins/Chart.yaml index d342c47a42e75f..d1f660a0ee8379 100644 --- a/bitnami/jenkins/Chart.yaml +++ b/bitnami/jenkins/Chart.yaml @@ -8,7 +8,7 @@ annotations: - name: jenkins image: docker.io/bitnami/jenkins:2.452.1-debian-12-r1 - name: jenkins-agent - image: docker.io/bitnami/jenkins-agent:0.3206.0-debian-12-r14 + image: docker.io/bitnami/jenkins-agent:0.3248.0-debian-12-r0 - name: os-shell image: docker.io/bitnami/os-shell:12-debian-12-r21 apiVersion: v2 diff --git a/bitnami/jenkins/templates/deployment.yaml b/bitnami/jenkins/templates/deployment.yaml index f419cecb6cd95e..7c7a096cad08f5 100644 --- a/bitnami/jenkins/templates/deployment.yaml +++ b/bitnami/jenkins/templates/deployment.yaml @@ -310,8 +310,7 @@ spec: livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} {{- else if .Values.livenessProbe.enabled }} livenessProbe: - httpGet: - path: /login + tcpSocket: port: http initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.livenessProbe.periodSeconds }} diff --git a/bitnami/jenkins/values.yaml b/bitnami/jenkins/values.yaml index 694513d3ed19db..d0181ad6b84601 100644 --- a/bitnami/jenkins/values.yaml +++ b/bitnami/jenkins/values.yaml @@ -379,7 +379,7 @@ agent: image: registry: docker.io repository: bitnami/jenkins-agent - tag: 0.3206.0-debian-12-r14 + tag: 0.3248.0-debian-12-r0 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/bitnami/joomla/Chart.lock b/bitnami/joomla/Chart.lock index 627d847adc496c..07402476fb1e89 100644 --- a/bitnami/joomla/Chart.lock +++ b/bitnami/joomla/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: mariadb repository: oci://registry-1.docker.io/bitnamicharts - version: 18.0.3 + version: 18.0.5 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:4528b6ec95332de31a435861d2e676c0267aaf44beefa2216f74d500bbd25ce8 -generated: "2024-05-14T04:56:26.328391154Z" +digest: sha256:c5470e186b8c675df045d2df334629fb8a47a53f87044bd4348c80105ca25eaf +generated: "2024-05-15T16:56:09.988817+02:00" diff --git a/bitnami/joomla/Chart.yaml b/bitnami/joomla/Chart.yaml index f214003f9f30c9..94759f06de8709 100644 --- a/bitnami/joomla/Chart.yaml +++ b/bitnami/joomla/Chart.yaml @@ -36,4 +36,4 @@ maintainers: name: joomla sources: - https://github.com/bitnami/charts/tree/main/bitnami/joomla -version: 19.0.3 +version: 19.0.5 diff --git a/bitnami/joomla/templates/deployment.yaml b/bitnami/joomla/templates/deployment.yaml index 081e472d9af59c..696b837982c409 100644 --- a/bitnami/joomla/templates/deployment.yaml +++ b/bitnami/joomla/templates/deployment.yaml @@ -169,8 +169,7 @@ spec: livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} {{- else if .Values.livenessProbe.enabled }} livenessProbe: - httpGet: - path: /index.php + tcpSocket: port: http initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.livenessProbe.periodSeconds }} diff --git a/bitnami/jupyterhub/Chart.lock b/bitnami/jupyterhub/Chart.lock index a91bb7cbbb45b1..75f971a2106bdd 100644 --- a/bitnami/jupyterhub/Chart.lock +++ b/bitnami/jupyterhub/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 15.3.1 + version: 15.3.2 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:0a137267accf031c1dd6e0f4779956e4e1c02065ff182b6eeadd95f9c5873bc9 -generated: "2024-05-14T04:56:47.165551784Z" +digest: sha256:b3be00d62395c3cbec87e3ed0b505d68b48a969323d3e4bb14428dca34c75a52 +generated: "2024-05-18T01:18:03.062700442Z" diff --git a/bitnami/jupyterhub/Chart.yaml b/bitnami/jupyterhub/Chart.yaml index b24c94a0f2d24b..ff7d35d508f595 100644 --- a/bitnami/jupyterhub/Chart.yaml +++ b/bitnami/jupyterhub/Chart.yaml @@ -37,4 +37,4 @@ maintainers: name: jupyterhub sources: - https://github.com/bitnami/charts/tree/main/bitnami/jupyterhub -version: 7.0.4 +version: 7.0.5 diff --git a/bitnami/kafka/Chart.lock b/bitnami/kafka/Chart.lock index 0dd98bb142ba6f..df2d9c8c7b7df7 100644 --- a/bitnami/kafka/Chart.lock +++ b/bitnami/kafka/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: zookeeper repository: oci://registry-1.docker.io/bitnamicharts - version: 13.2.0 + version: 13.2.1 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:61c9536208656f33fcd0504e5b5d30475ef4628a632f316ec1ffe80531834d26 -generated: "2024-05-13T16:28:19.315618619Z" +digest: sha256:4aa715856f3250fb786c737f21e3095d798b0a91695dde4e99230f064873b5e2 +generated: "2024-05-18T01:19:06.707326766Z" diff --git a/bitnami/kafka/Chart.yaml b/bitnami/kafka/Chart.yaml index 714324906a5b2b..95e6eea3dd9f9c 100644 --- a/bitnami/kafka/Chart.yaml +++ b/bitnami/kafka/Chart.yaml @@ -12,7 +12,7 @@ annotations: - name: kafka-exporter image: docker.io/bitnami/kafka-exporter:1.7.0-debian-12-r27 - name: kubectl - image: docker.io/bitnami/kubectl:1.30.0-debian-12-r5 + image: docker.io/bitnami/kubectl:1.30.1-debian-12-r0 - name: os-shell image: docker.io/bitnami/os-shell:12-debian-12-r21 apiVersion: v2 @@ -42,4 +42,4 @@ maintainers: name: kafka sources: - https://github.com/bitnami/charts/tree/main/bitnami/kafka -version: 28.2.4 +version: 28.2.5 diff --git a/bitnami/kafka/values.yaml b/bitnami/kafka/values.yaml index 5ba362c357c7d0..60c93165e32443 100644 --- a/bitnami/kafka/values.yaml +++ b/bitnami/kafka/values.yaml @@ -1489,7 +1489,7 @@ externalAccess: image: registry: docker.io repository: bitnami/kubectl - tag: 1.30.0-debian-12-r5 + tag: 1.30.1-debian-12-r0 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/bitnami/keycloak/Chart.lock b/bitnami/keycloak/Chart.lock index 9bf9c447918c1b..aa3f12c5dc687e 100644 --- a/bitnami/keycloak/Chart.lock +++ b/bitnami/keycloak/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 15.3.1 + version: 15.3.2 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:0a137267accf031c1dd6e0f4779956e4e1c02065ff182b6eeadd95f9c5873bc9 -generated: "2024-05-14T04:57:41.347728676Z" +digest: sha256:b3be00d62395c3cbec87e3ed0b505d68b48a969323d3e4bb14428dca34c75a52 +generated: "2024-05-18T01:19:16.287399993Z" diff --git a/bitnami/keycloak/Chart.yaml b/bitnami/keycloak/Chart.yaml index 9d1ed61b4f9561..9e509c71ca1525 100644 --- a/bitnami/keycloak/Chart.yaml +++ b/bitnami/keycloak/Chart.yaml @@ -33,4 +33,4 @@ maintainers: name: keycloak sources: - https://github.com/bitnami/charts/tree/main/bitnami/keycloak -version: 21.2.1 +version: 21.2.2 diff --git a/bitnami/kiam/Chart.yaml b/bitnami/kiam/Chart.yaml index a49e36085413f8..4d52a79f36ded8 100644 --- a/bitnami/kiam/Chart.yaml +++ b/bitnami/kiam/Chart.yaml @@ -28,4 +28,4 @@ maintainers: name: kiam sources: - https://github.com/bitnami/charts/tree/main/bitnami/kiam -version: 2.0.4 +version: 2.0.5 diff --git a/bitnami/kibana/Chart.yaml b/bitnami/kibana/Chart.yaml index 6519d8dc1d77d8..9ab946eeec69cd 100644 --- a/bitnami/kibana/Chart.yaml +++ b/bitnami/kibana/Chart.yaml @@ -6,11 +6,11 @@ annotations: licenses: Apache-2.0 images: | - name: kibana - image: docker.io/bitnami/kibana:8.13.3-debian-12-r2 + image: docker.io/bitnami/kibana:8.13.4-debian-12-r0 - name: os-shell image: docker.io/bitnami/os-shell:12-debian-12-r21 apiVersion: v2 -appVersion: 8.13.3 +appVersion: 8.13.4 dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts @@ -32,4 +32,4 @@ maintainers: name: kibana sources: - https://github.com/bitnami/charts/tree/main/bitnami/kibana -version: 11.0.6 +version: 11.0.7 diff --git a/bitnami/kibana/values.yaml b/bitnami/kibana/values.yaml index d2faefca1cd4a6..a75a49889a36cb 100644 --- a/bitnami/kibana/values.yaml +++ b/bitnami/kibana/values.yaml @@ -79,7 +79,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/kibana - tag: 8.13.3-debian-12-r2 + tag: 8.13.4-debian-12-r0 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/bitnami/kong/Chart.lock b/bitnami/kong/Chart.lock index 208efeefc52c91..a4b73fd3ff584f 100644 --- a/bitnami/kong/Chart.lock +++ b/bitnami/kong/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 15.3.1 + version: 15.3.2 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 - name: cassandra repository: oci://registry-1.docker.io/bitnamicharts - version: 11.1.5 -digest: sha256:6c49864bac99a73218897f65d47759fee749c4f7a35973df2a74db9610a70b2b -generated: "2024-05-14T04:58:45.981872219Z" + version: 11.1.7 +digest: sha256:f98529d6a63510ae5eaf83a71ea86ebeb0508cfceacd08b25892541a935aacc7 +generated: "2024-05-18T01:28:32.048250206Z" diff --git a/bitnami/kong/Chart.yaml b/bitnami/kong/Chart.yaml index 9f0fea76f1c599..32295f5043ab2d 100644 --- a/bitnami/kong/Chart.yaml +++ b/bitnami/kong/Chart.yaml @@ -8,7 +8,7 @@ annotations: - name: kong image: docker.io/bitnami/kong:3.6.1-debian-12-r23 - name: kong-ingress-controller - image: docker.io/bitnami/kong-ingress-controller:3.1.4-debian-12-r4 + image: docker.io/bitnami/kong-ingress-controller:3.1.5-debian-12-r0 - name: postgresql image: docker.io/bitnami/postgresql:14.12.0-debian-12-r4 apiVersion: v2 @@ -45,4 +45,4 @@ maintainers: name: kong sources: - https://github.com/bitnami/charts/tree/main/bitnami/kong -version: 12.0.10 +version: 12.0.11 diff --git a/bitnami/kong/crds/custom-resource-definitions.yaml b/bitnami/kong/crds/custom-resource-definitions.yaml index 2839f7e42135cd..83d1116c30ccff 100644 --- a/bitnami/kong/crds/custom-resource-definitions.yaml +++ b/bitnami/kong/crds/custom-resource-definitions.yaml @@ -1,5 +1,5 @@ # Source: https://github.com/kong/kubernetes-ingress-controller/config/crd?ref=v{version} -# Version: 3.1.4 +# Version: 3.1.5 # VersionOf: kong-ingress-controller # UseKustomize: true apiVersion: apiextensions.k8s.io/v1 diff --git a/bitnami/kong/values.yaml b/bitnami/kong/values.yaml index ffce8eed954951..2478159ced980a 100644 --- a/bitnami/kong/values.yaml +++ b/bitnami/kong/values.yaml @@ -663,7 +663,7 @@ ingressController: image: registry: docker.io repository: bitnami/kong-ingress-controller - tag: 3.1.4-debian-12-r4 + tag: 3.1.5-debian-12-r0 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/bitnami/kube-prometheus/Chart.lock b/bitnami/kube-prometheus/Chart.lock index 10a5b7e87ce429..49c213e3270cd4 100644 --- a/bitnami/kube-prometheus/Chart.lock +++ b/bitnami/kube-prometheus/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: node-exporter repository: oci://registry-1.docker.io/bitnamicharts - version: 4.2.1 + version: 4.2.3 - name: kube-state-metrics repository: oci://registry-1.docker.io/bitnamicharts - version: 4.0.5 + version: 4.0.7 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.19.2 -digest: sha256:ea7390904d16ddee6d76369407d4b8c42c251282d48915a0b34b1588ffc307ed -generated: "2024-05-13T11:53:24.592811229Z" +digest: sha256:75670afee7d545d130bfa0a02bc325bfead042f1111d4a7f5a82266532ededa1 +generated: "2024-05-18T03:58:15.479539764Z" diff --git a/bitnami/kube-prometheus/Chart.yaml b/bitnami/kube-prometheus/Chart.yaml index 8c73ab9a8d86a0..6e60d347c8a146 100644 --- a/bitnami/kube-prometheus/Chart.yaml +++ b/bitnami/kube-prometheus/Chart.yaml @@ -12,11 +12,11 @@ annotations: - name: prometheus image: docker.io/bitnami/prometheus:2.52.0-debian-12-r2 - name: prometheus-operator - image: docker.io/bitnami/prometheus-operator:0.73.2-debian-12-r6 + image: docker.io/bitnami/prometheus-operator:0.74.0-debian-12-r0 - name: thanos image: docker.io/bitnami/thanos:0.35.0-debian-12-r4 apiVersion: v2 -appVersion: 0.73.2 +appVersion: 0.74.0 dependencies: - condition: exporters.enabled,exporters.node-exporter.enabled name: node-exporter @@ -46,4 +46,4 @@ maintainers: name: kube-prometheus sources: - https://github.com/bitnami/charts/tree/main/bitnami/kube-prometheus -version: 9.0.9 +version: 9.1.2 diff --git a/bitnami/kube-prometheus/README.md b/bitnami/kube-prometheus/README.md index 169cf81cc95ead..fcee906d6626e5 100644 --- a/bitnami/kube-prometheus/README.md +++ b/bitnami/kube-prometheus/README.md @@ -280,6 +280,9 @@ As an alternative, use one of the preset configurations for pod affinity, pod an | `operator.prometheusConfigReloader.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | | `operator.prometheusConfigReloader.readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | | `operator.namespaces` | Optional comma-separated list of namespaces to watch (default=all). | `""` | +| `operator.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `operator.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `operator.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | ### Prometheus Parameters @@ -808,6 +811,9 @@ As an alternative, use one of the preset configurations for pod affinity, pod an | `blackboxExporter.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | | `blackboxExporter.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | | `blackboxExporter.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| `blackboxExporter.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `blackboxExporter.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `blackboxExporter.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | | `kubeApiServer.enabled` | Create a ServiceMonitor to scrape kube-apiserver service | `true` | | `kubeApiServer.serviceMonitor.interval` | Scrape interval. If not set, the Prometheus default scrape interval is used. | `""` | | `kubeApiServer.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `component` | diff --git a/bitnami/kube-prometheus/crds/crd-alertmanagerconfigs.yaml b/bitnami/kube-prometheus/crds/crd-alertmanagerconfigs.yaml index 56ab9f16c8a08e..be25667b0c329f 100644 --- a/bitnami/kube-prometheus/crds/crd-alertmanagerconfigs.yaml +++ b/bitnami/kube-prometheus/crds/crd-alertmanagerconfigs.yaml @@ -1,12 +1,12 @@ # Source: https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v{version}/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml -# Version: 0.73.2 +# Version: 0.74.0 --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - operator.prometheus.io/version: 0.73.2 + controller-gen.kubebuilder.io/version: v0.14.0 + operator.prometheus.io/version: 0.74.0 name: alertmanagerconfigs.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -24,51 +24,62 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: AlertmanagerConfig configures the Prometheus Alertmanager, specifying - how alerts should be grouped, inhibited and notified to external systems. + description: |- + AlertmanagerConfig configures the Prometheus Alertmanager, + specifying how alerts should be grouped, inhibited and notified to external systems. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: AlertmanagerConfigSpec is a specification of the desired - behavior of the Alertmanager configuration. By definition, the Alertmanager - configuration only applies to alerts for which the `namespace` label - is equal to the namespace of the AlertmanagerConfig resource. + description: |- + AlertmanagerConfigSpec is a specification of the desired behavior of the Alertmanager configuration. + By definition, the Alertmanager configuration only applies to alerts for which + the `namespace` label is equal to the namespace of the AlertmanagerConfig resource. properties: inhibitRules: - description: List of inhibition rules. The rules will only apply to - alerts matching the resource's namespace. + description: |- + List of inhibition rules. The rules will only apply to alerts matching + the resource's namespace. items: - description: InhibitRule defines an inhibition rule that allows - to mute alerts when other alerts are already firing. See https://prometheus.io/docs/alerting/latest/configuration/#inhibit_rule + description: |- + InhibitRule defines an inhibition rule that allows to mute alerts when other + alerts are already firing. + See https://prometheus.io/docs/alerting/latest/configuration/#inhibit_rule properties: equal: - description: Labels that must have an equal value in the source - and target alert for the inhibition to take effect. + description: |- + Labels that must have an equal value in the source and target alert for + the inhibition to take effect. items: type: string type: array sourceMatch: - description: Matchers for which one or more alerts have to exist - for the inhibition to take effect. The operator enforces that - the alert matches the resource's namespace. + description: |- + Matchers for which one or more alerts have to exist for the inhibition + to take effect. The operator enforces that the alert matches the + resource's namespace. items: description: Matcher defines how to match on alert's labels. properties: matchType: - description: Match operation available with AlertManager - >= v0.22.0 and takes precedence over Regex (deprecated) - if non-empty. + description: |- + Match operation available with AlertManager >= v0.22.0 and + takes precedence over Regex (deprecated) if non-empty. enum: - '!=' - = @@ -80,9 +91,9 @@ spec: minLength: 1 type: string regex: - description: 'Whether to match on equality (false) or - regular-expression (true). Deprecated: for AlertManager - >= v0.22.0, `matchType` should be used instead.' + description: |- + Whether to match on equality (false) or regular-expression (true). + Deprecated: for AlertManager >= v0.22.0, `matchType` should be used instead. type: boolean value: description: Label value to match. @@ -92,16 +103,16 @@ spec: type: object type: array targetMatch: - description: Matchers that have to be fulfilled in the alerts - to be muted. The operator enforces that the alert matches - the resource's namespace. + description: |- + Matchers that have to be fulfilled in the alerts to be muted. The + operator enforces that the alert matches the resource's namespace. items: description: Matcher defines how to match on alert's labels. properties: matchType: - description: Match operation available with AlertManager - >= v0.22.0 and takes precedence over Regex (deprecated) - if non-empty. + description: |- + Match operation available with AlertManager >= v0.22.0 and + takes precedence over Regex (deprecated) if non-empty. enum: - '!=' - = @@ -113,9 +124,9 @@ spec: minLength: 1 type: string regex: - description: 'Whether to match on equality (false) or - regular-expression (true). Deprecated: for AlertManager - >= v0.22.0, `matchType` should be used instead.' + description: |- + Whether to match on equality (false) or regular-expression (true). + Deprecated: for AlertManager >= v0.22.0, `matchType` should be used instead. type: boolean value: description: Label value to match. @@ -162,11 +173,9 @@ spec: months: description: Months is a list of MonthRange items: - description: MonthRange is an inclusive range of months - of the year beginning in January Months can be specified - by name (e.g 'January') by numerical month (e.g '1') - or as an inclusive range (e.g 'January:March', '1:3', - '1:March') + description: |- + MonthRange is an inclusive range of months of the year beginning in January + Months can be specified by name (e.g 'January') by numerical month (e.g '1') or as an inclusive range (e.g 'January:March', '1:3', '1:March') pattern: ^((?i)january|february|march|april|may|june|july|august|september|october|november|december|1[0-2]|[1-9])(?:((:((?i)january|february|march|april|may|june|july|august|september|october|november|december|1[0-2]|[1-9]))$)|$) type: string type: array @@ -190,10 +199,9 @@ spec: weekdays: description: Weekdays is a list of WeekdayRange items: - description: WeekdayRange is an inclusive range of days - of the week beginning on Sunday Days can be specified - by name (e.g 'Sunday') or as an inclusive range (e.g - 'Monday:Friday') + description: |- + WeekdayRange is an inclusive range of days of the week beginning on Sunday + Days can be specified by name (e.g 'Sunday') or as an inclusive range (e.g 'Monday:Friday') pattern: ^((?i)sun|mon|tues|wednes|thurs|fri|satur)day(?:((:(sun|mon|tues|wednes|thurs|fri|satur)day)$)|$) type: string type: array @@ -216,23 +224,25 @@ spec: discordConfigs: description: List of Discord configurations. items: - description: DiscordConfig configures notifications via Discord. + description: |- + DiscordConfig configures notifications via Discord. See https://prometheus.io/docs/alerting/latest/configuration/#discord_config properties: apiURL: - description: The secret's key that contains the Discord - webhook URL. The secret needs to be in the same namespace - as the AlertmanagerConfig object and accessible by the - Prometheus Operator. + description: |- + The secret's key that contains the Discord webhook URL. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -246,10 +256,9 @@ spec: description: HTTP client configuration. properties: authorization: - description: Authorization header configuration for - the client. This is mutually exclusive with BasicAuth - and is only available starting from Alertmanager - v0.22+. + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: description: Selects a key of a Secret in the @@ -261,10 +270,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -275,29 +284,35 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: "Defines the authentication type. - The value is case-insensitive. \n \"Basic\" - is not a supported value. \n Default: \"Bearer\"" + description: |- + Defines the authentication type. The value is case-insensitive. + + + "Basic" is not a supported value. + + + Default: "Bearer" type: string type: object basicAuth: - description: BasicAuth for the client. This is mutually - exclusive with Authorization. If both are defined, - BasicAuth takes precedence. + description: |- + BasicAuth for the client. + This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: - description: '`password` specifies a key of a - Secret containing the password for authentication.' + description: |- + `password` specifies a key of a Secret containing the password for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -308,18 +323,19 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: '`username` specifies a key of a - Secret containing the username for authentication.' + description: |- + `username` specifies a key of a Secret containing the username for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -331,21 +347,21 @@ spec: x-kubernetes-map-type: atomic type: object bearerTokenSecret: - description: The secret's key that contains the bearer - token to be used by the client for authentication. - The secret needs to be in the same namespace as - the AlertmanagerConfig object and accessible by - the Prometheus Operator. + description: |- + The secret's key that contains the bearer token to be used by the client + for authentication. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -364,9 +380,9 @@ spec: a token for the targets. properties: clientId: - description: '`clientId` specifies a key of a - Secret or ConfigMap containing the OAuth2 client''s - ID.' + description: |- + `clientId` specifies a key of a Secret or ConfigMap containing the + OAuth2 client's ID. properties: configMap: description: ConfigMap containing data to @@ -376,10 +392,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -399,10 +415,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -414,18 +430,19 @@ spec: x-kubernetes-map-type: atomic type: object clientSecret: - description: '`clientSecret` specifies a key of - a Secret containing the OAuth2 client''s secret.' + description: |- + `clientSecret` specifies a key of a Secret containing the OAuth2 + client's secret. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -438,8 +455,9 @@ spec: endpointParams: additionalProperties: type: string - description: '`endpointParams` configures the - HTTP parameters to append to the token URL.' + description: |- + `endpointParams` configures the HTTP parameters to append to the token + URL. type: object scopes: description: '`scopes` defines the OAuth2 scopes @@ -475,10 +493,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -498,10 +516,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -524,10 +542,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -547,10 +565,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -573,10 +591,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -614,19 +632,20 @@ spec: description: The identity to use for authentication. type: string authPassword: - description: The secret's key that contains the password - to use for authentication. The secret needs to be in - the same namespace as the AlertmanagerConfig object - and accessible by the Prometheus Operator. + description: |- + The secret's key that contains the password to use for authentication. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -637,19 +656,20 @@ spec: type: object x-kubernetes-map-type: atomic authSecret: - description: The secret's key that contains the CRAM-MD5 - secret. The secret needs to be in the same namespace - as the AlertmanagerConfig object and accessible by the - Prometheus Operator. + description: |- + The secret's key that contains the CRAM-MD5 secret. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -666,9 +686,9 @@ spec: description: The sender address. type: string headers: - description: Further headers email header key/value pairs. - Overrides any headers previously set by the notification - implementation. + description: |- + Further headers email header key/value pairs. Overrides any headers + previously set by the notification implementation. items: description: KeyValue defines a (key, value) tuple. properties: @@ -691,8 +711,9 @@ spec: description: The HTML body of the email notification. type: string requireTLS: - description: The SMTP TLS requirement. Note that Go does - not support unencrypted connections to remote SMTP endpoints. + description: |- + The SMTP TLS requirement. + Note that Go does not support unencrypted connections to remote SMTP endpoints. type: boolean sendResolved: description: Whether or not to notify about resolved alerts. @@ -719,10 +740,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -741,10 +762,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -767,10 +788,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -789,10 +810,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -815,10 +836,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -838,20 +859,21 @@ spec: type: object type: array msteamsConfigs: - description: List of MSTeams configurations. It requires Alertmanager - >= 0.26.0. + description: |- + List of MSTeams configurations. + It requires Alertmanager >= 0.26.0. items: - description: MSTeamsConfig configures notifications via Microsoft - Teams. It requires Alertmanager >= 0.26.0. + description: |- + MSTeamsConfig configures notifications via Microsoft Teams. + It requires Alertmanager >= 0.26.0. properties: httpConfig: description: HTTP client configuration. properties: authorization: - description: Authorization header configuration for - the client. This is mutually exclusive with BasicAuth - and is only available starting from Alertmanager - v0.22+. + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: description: Selects a key of a Secret in the @@ -863,10 +885,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -877,29 +899,35 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: "Defines the authentication type. - The value is case-insensitive. \n \"Basic\" - is not a supported value. \n Default: \"Bearer\"" + description: |- + Defines the authentication type. The value is case-insensitive. + + + "Basic" is not a supported value. + + + Default: "Bearer" type: string type: object basicAuth: - description: BasicAuth for the client. This is mutually - exclusive with Authorization. If both are defined, - BasicAuth takes precedence. + description: |- + BasicAuth for the client. + This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: - description: '`password` specifies a key of a - Secret containing the password for authentication.' + description: |- + `password` specifies a key of a Secret containing the password for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -910,18 +938,19 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: '`username` specifies a key of a - Secret containing the username for authentication.' + description: |- + `username` specifies a key of a Secret containing the username for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -933,21 +962,21 @@ spec: x-kubernetes-map-type: atomic type: object bearerTokenSecret: - description: The secret's key that contains the bearer - token to be used by the client for authentication. - The secret needs to be in the same namespace as - the AlertmanagerConfig object and accessible by - the Prometheus Operator. + description: |- + The secret's key that contains the bearer token to be used by the client + for authentication. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -966,9 +995,9 @@ spec: a token for the targets. properties: clientId: - description: '`clientId` specifies a key of a - Secret or ConfigMap containing the OAuth2 client''s - ID.' + description: |- + `clientId` specifies a key of a Secret or ConfigMap containing the + OAuth2 client's ID. properties: configMap: description: ConfigMap containing data to @@ -978,10 +1007,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -1001,10 +1030,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -1016,18 +1045,19 @@ spec: x-kubernetes-map-type: atomic type: object clientSecret: - description: '`clientSecret` specifies a key of - a Secret containing the OAuth2 client''s secret.' + description: |- + `clientSecret` specifies a key of a Secret containing the OAuth2 + client's secret. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -1040,8 +1070,9 @@ spec: endpointParams: additionalProperties: type: string - description: '`endpointParams` configures the - HTTP parameters to append to the token URL.' + description: |- + `endpointParams` configures the HTTP parameters to append to the token + URL. type: object scopes: description: '`scopes` defines the OAuth2 scopes @@ -1077,10 +1108,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -1100,10 +1131,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -1126,10 +1157,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -1149,10 +1180,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -1175,10 +1206,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -1198,8 +1229,9 @@ spec: description: Whether to notify about resolved alerts. type: boolean summary: - description: Message summary template. It requires Alertmanager - >= 0.27.0. + description: |- + Message summary template. + It requires Alertmanager >= 0.27.0. type: string text: description: Message body template. @@ -1215,9 +1247,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -1239,7 +1272,8 @@ spec: opsgenieConfigs: description: List of OpsGenie configurations. items: - description: OpsGenieConfig configures notifications via OpsGenie. + description: |- + OpsGenieConfig configures notifications via OpsGenie. See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config properties: actions: @@ -1247,19 +1281,20 @@ spec: be available for the alert. type: string apiKey: - description: The secret's key that contains the OpsGenie - API key. The secret needs to be in the same namespace - as the AlertmanagerConfig object and accessible by the - Prometheus Operator. + description: |- + The secret's key that contains the OpsGenie API key. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -1301,10 +1336,9 @@ spec: description: HTTP client configuration. properties: authorization: - description: Authorization header configuration for - the client. This is mutually exclusive with BasicAuth - and is only available starting from Alertmanager - v0.22+. + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: description: Selects a key of a Secret in the @@ -1316,10 +1350,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -1330,29 +1364,35 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: "Defines the authentication type. - The value is case-insensitive. \n \"Basic\" - is not a supported value. \n Default: \"Bearer\"" + description: |- + Defines the authentication type. The value is case-insensitive. + + + "Basic" is not a supported value. + + + Default: "Bearer" type: string type: object basicAuth: - description: BasicAuth for the client. This is mutually - exclusive with Authorization. If both are defined, - BasicAuth takes precedence. + description: |- + BasicAuth for the client. + This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: - description: '`password` specifies a key of a - Secret containing the password for authentication.' + description: |- + `password` specifies a key of a Secret containing the password for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -1363,18 +1403,19 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: '`username` specifies a key of a - Secret containing the username for authentication.' + description: |- + `username` specifies a key of a Secret containing the username for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -1386,21 +1427,21 @@ spec: x-kubernetes-map-type: atomic type: object bearerTokenSecret: - description: The secret's key that contains the bearer - token to be used by the client for authentication. - The secret needs to be in the same namespace as - the AlertmanagerConfig object and accessible by - the Prometheus Operator. + description: |- + The secret's key that contains the bearer token to be used by the client + for authentication. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -1419,9 +1460,9 @@ spec: a token for the targets. properties: clientId: - description: '`clientId` specifies a key of a - Secret or ConfigMap containing the OAuth2 client''s - ID.' + description: |- + `clientId` specifies a key of a Secret or ConfigMap containing the + OAuth2 client's ID. properties: configMap: description: ConfigMap containing data to @@ -1431,10 +1472,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -1454,10 +1495,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -1469,18 +1510,19 @@ spec: x-kubernetes-map-type: atomic type: object clientSecret: - description: '`clientSecret` specifies a key of - a Secret containing the OAuth2 client''s secret.' + description: |- + `clientSecret` specifies a key of a Secret containing the OAuth2 + client's secret. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -1493,8 +1535,9 @@ spec: endpointParams: additionalProperties: type: string - description: '`endpointParams` configures the - HTTP parameters to append to the token URL.' + description: |- + `endpointParams` configures the HTTP parameters to append to the token + URL. type: object scopes: description: '`scopes` defines the OAuth2 scopes @@ -1530,10 +1573,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -1553,10 +1596,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -1579,10 +1622,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -1602,10 +1645,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -1628,10 +1671,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -1660,9 +1703,9 @@ spec: responders: description: List of responders responsible for notifications. items: - description: OpsGenieConfigResponder defines a responder - to an incident. One of `id`, `name` or `username` - has to be defined. + description: |- + OpsGenieConfigResponder defines a responder to an incident. + One of `id`, `name` or `username` has to be defined. properties: id: description: ID of the responder. @@ -1672,12 +1715,6 @@ spec: type: string type: description: Type of responder. - enum: - - team - - teams - - user - - escalation - - schedule minLength: 1 type: string username: @@ -1698,18 +1735,18 @@ spec: the notifications. type: string updateAlerts: - description: Whether to update message and description - of the alert in OpsGenie if it already exists By default, - the alert is never updated in OpsGenie, the new message - only appears in activity log. + description: |- + Whether to update message and description of the alert in OpsGenie if it already exists + By default, the alert is never updated in OpsGenie, the new message only appears in activity log. type: boolean type: object type: array pagerdutyConfigs: description: List of PagerDuty configurations. items: - description: PagerDutyConfig configures notifications via - PagerDuty. See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config + description: |- + PagerDutyConfig configures notifications via PagerDuty. + See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config properties: class: description: The class/type of the event. @@ -1752,10 +1789,9 @@ spec: description: HTTP client configuration. properties: authorization: - description: Authorization header configuration for - the client. This is mutually exclusive with BasicAuth - and is only available starting from Alertmanager - v0.22+. + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: description: Selects a key of a Secret in the @@ -1767,10 +1803,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -1781,29 +1817,35 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: "Defines the authentication type. - The value is case-insensitive. \n \"Basic\" - is not a supported value. \n Default: \"Bearer\"" + description: |- + Defines the authentication type. The value is case-insensitive. + + + "Basic" is not a supported value. + + + Default: "Bearer" type: string type: object basicAuth: - description: BasicAuth for the client. This is mutually - exclusive with Authorization. If both are defined, - BasicAuth takes precedence. + description: |- + BasicAuth for the client. + This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: - description: '`password` specifies a key of a - Secret containing the password for authentication.' + description: |- + `password` specifies a key of a Secret containing the password for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -1814,18 +1856,19 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: '`username` specifies a key of a - Secret containing the username for authentication.' + description: |- + `username` specifies a key of a Secret containing the username for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -1837,21 +1880,21 @@ spec: x-kubernetes-map-type: atomic type: object bearerTokenSecret: - description: The secret's key that contains the bearer - token to be used by the client for authentication. - The secret needs to be in the same namespace as - the AlertmanagerConfig object and accessible by - the Prometheus Operator. + description: |- + The secret's key that contains the bearer token to be used by the client + for authentication. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -1870,9 +1913,9 @@ spec: a token for the targets. properties: clientId: - description: '`clientId` specifies a key of a - Secret or ConfigMap containing the OAuth2 client''s - ID.' + description: |- + `clientId` specifies a key of a Secret or ConfigMap containing the + OAuth2 client's ID. properties: configMap: description: ConfigMap containing data to @@ -1882,10 +1925,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -1905,10 +1948,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -1920,18 +1963,19 @@ spec: x-kubernetes-map-type: atomic type: object clientSecret: - description: '`clientSecret` specifies a key of - a Secret containing the OAuth2 client''s secret.' + description: |- + `clientSecret` specifies a key of a Secret containing the OAuth2 + client's secret. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -1944,8 +1988,9 @@ spec: endpointParams: additionalProperties: type: string - description: '`endpointParams` configures the - HTTP parameters to append to the token URL.' + description: |- + `endpointParams` configures the HTTP parameters to append to the token + URL. type: object scopes: description: '`scopes` defines the OAuth2 scopes @@ -1981,10 +2026,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -2004,10 +2049,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -2030,10 +2075,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -2053,10 +2098,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -2079,10 +2124,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -2136,10 +2181,10 @@ spec: type: object type: array routingKey: - description: The secret's key that contains the PagerDuty - integration key (when using Events API v2). Either this - field or `serviceKey` needs to be defined. The secret - needs to be in the same namespace as the AlertmanagerConfig + description: |- + The secret's key that contains the PagerDuty integration key (when using + Events API v2). Either this field or `serviceKey` needs to be defined. + The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: key: @@ -2147,9 +2192,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -2163,21 +2209,22 @@ spec: description: Whether or not to notify about resolved alerts. type: boolean serviceKey: - description: The secret's key that contains the PagerDuty - service key (when using integration type "Prometheus"). - Either this field or `routingKey` needs to be defined. - The secret needs to be in the same namespace as the - AlertmanagerConfig object and accessible by the Prometheus - Operator. + description: |- + The secret's key that contains the PagerDuty service key (when using + integration type "Prometheus"). Either this field or `routingKey` needs to + be defined. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -2198,7 +2245,8 @@ spec: pushoverConfigs: description: List of Pushover configurations. items: - description: PushoverConfig configures notifications via Pushover. + description: |- + PushoverConfig configures notifications via Pushover. See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config properties: device: @@ -2206,9 +2254,9 @@ spec: to type: string expire: - description: How long your notification will continue - to be retried for, unless the user acknowledges the - notification. + description: |- + How long your notification will continue to be retried for, unless the user + acknowledges the notification. pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ type: string html: @@ -2219,10 +2267,9 @@ spec: description: HTTP client configuration. properties: authorization: - description: Authorization header configuration for - the client. This is mutually exclusive with BasicAuth - and is only available starting from Alertmanager - v0.22+. + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: description: Selects a key of a Secret in the @@ -2234,10 +2281,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -2248,29 +2295,35 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: "Defines the authentication type. - The value is case-insensitive. \n \"Basic\" - is not a supported value. \n Default: \"Bearer\"" + description: |- + Defines the authentication type. The value is case-insensitive. + + + "Basic" is not a supported value. + + + Default: "Bearer" type: string type: object basicAuth: - description: BasicAuth for the client. This is mutually - exclusive with Authorization. If both are defined, - BasicAuth takes precedence. + description: |- + BasicAuth for the client. + This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: - description: '`password` specifies a key of a - Secret containing the password for authentication.' + description: |- + `password` specifies a key of a Secret containing the password for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -2281,18 +2334,19 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: '`username` specifies a key of a - Secret containing the username for authentication.' + description: |- + `username` specifies a key of a Secret containing the username for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -2304,21 +2358,21 @@ spec: x-kubernetes-map-type: atomic type: object bearerTokenSecret: - description: The secret's key that contains the bearer - token to be used by the client for authentication. - The secret needs to be in the same namespace as - the AlertmanagerConfig object and accessible by - the Prometheus Operator. + description: |- + The secret's key that contains the bearer token to be used by the client + for authentication. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -2337,9 +2391,9 @@ spec: a token for the targets. properties: clientId: - description: '`clientId` specifies a key of a - Secret or ConfigMap containing the OAuth2 client''s - ID.' + description: |- + `clientId` specifies a key of a Secret or ConfigMap containing the + OAuth2 client's ID. properties: configMap: description: ConfigMap containing data to @@ -2349,10 +2403,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -2372,10 +2426,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -2387,18 +2441,19 @@ spec: x-kubernetes-map-type: atomic type: object clientSecret: - description: '`clientSecret` specifies a key of - a Secret containing the OAuth2 client''s secret.' + description: |- + `clientSecret` specifies a key of a Secret containing the OAuth2 + client's secret. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -2411,8 +2466,9 @@ spec: endpointParams: additionalProperties: type: string - description: '`endpointParams` configures the - HTTP parameters to append to the token URL.' + description: |- + `endpointParams` configures the HTTP parameters to append to the token + URL. type: object scopes: description: '`scopes` defines the OAuth2 scopes @@ -2448,10 +2504,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -2471,10 +2527,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -2497,10 +2553,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -2520,10 +2576,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -2546,10 +2602,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -2572,9 +2628,9 @@ spec: description: Priority, see https://pushover.net/api#priority type: string retry: - description: How often the Pushover servers will send - the same notification to the user. Must be at least - 30 seconds. + description: |- + How often the Pushover servers will send the same notification to the user. + Must be at least 30 seconds. pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ type: string sendResolved: @@ -2589,20 +2645,21 @@ spec: description: Notification title. type: string token: - description: The secret's key that contains the registered - application's API token, see https://pushover.net/apps. - The secret needs to be in the same namespace as the - AlertmanagerConfig object and accessible by the Prometheus - Operator. Either `token` or `tokenFile` is required. + description: |- + The secret's key that contains the registered application's API token, see https://pushover.net/apps. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. + Either `token` or `tokenFile` is required. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -2613,10 +2670,10 @@ spec: type: object x-kubernetes-map-type: atomic tokenFile: - description: The token file that contains the registered - application's API token, see https://pushover.net/apps. - Either `token` or `tokenFile` is required. It requires - Alertmanager >= v0.26.0. + description: |- + The token file that contains the registered application's API token, see https://pushover.net/apps. + Either `token` or `tokenFile` is required. + It requires Alertmanager >= v0.26.0. type: string url: description: A supplementary URL shown alongside the message. @@ -2626,20 +2683,21 @@ spec: just the URL is shown type: string userKey: - description: The secret's key that contains the recipient - user's user key. The secret needs to be in the same - namespace as the AlertmanagerConfig object and accessible - by the Prometheus Operator. Either `userKey` or `userKeyFile` - is required. + description: |- + The secret's key that contains the recipient user's user key. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. + Either `userKey` or `userKeyFile` is required. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -2650,32 +2708,36 @@ spec: type: object x-kubernetes-map-type: atomic userKeyFile: - description: The user key file that contains the recipient - user's user key. Either `userKey` or `userKeyFile` is - required. It requires Alertmanager >= v0.26.0. + description: |- + The user key file that contains the recipient user's user key. + Either `userKey` or `userKeyFile` is required. + It requires Alertmanager >= v0.26.0. type: string type: object type: array slackConfigs: description: List of Slack configurations. items: - description: SlackConfig configures notifications via Slack. + description: |- + SlackConfig configures notifications via Slack. See https://prometheus.io/docs/alerting/latest/configuration/#slack_config properties: actions: description: A list of Slack actions that are sent with each notification. items: - description: SlackAction configures a single Slack action - that is sent with each notification. See https://api.slack.com/docs/message-attachments#action_fields - and https://api.slack.com/docs/message-buttons for - more information. + description: |- + SlackAction configures a single Slack action that is sent with each + notification. + See https://api.slack.com/docs/message-attachments#action_fields and + https://api.slack.com/docs/message-buttons for more information. properties: confirm: - description: SlackConfirmationField protect users - from destructive actions or particularly distinguished - decisions by asking them to confirm their button - click one more time. See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields + description: |- + SlackConfirmationField protect users from destructive actions or + particularly distinguished decisions by asking them to confirm their button + click one more time. + See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields for more information. properties: dismissText: @@ -2710,19 +2772,20 @@ spec: type: object type: array apiURL: - description: The secret's key that contains the Slack - webhook URL. The secret needs to be in the same namespace - as the AlertmanagerConfig object and accessible by the - Prometheus Operator. + description: |- + The secret's key that contains the Slack webhook URL. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -2746,13 +2809,11 @@ spec: description: A list of Slack fields that are sent with each notification. items: - description: SlackField configures a single Slack field - that is sent with each notification. Each field must - contain a title, value, and optionally, a boolean - value to indicate if the field is short enough to - be displayed next to other fields designated as short. - See https://api.slack.com/docs/message-attachments#fields - for more information. + description: |- + SlackField configures a single Slack field that is sent with each notification. + Each field must contain a title, value, and optionally, a boolean value to indicate if the field + is short enough to be displayed next to other fields designated as short. + See https://api.slack.com/docs/message-attachments#fields for more information. properties: short: type: boolean @@ -2773,10 +2834,9 @@ spec: description: HTTP client configuration. properties: authorization: - description: Authorization header configuration for - the client. This is mutually exclusive with BasicAuth - and is only available starting from Alertmanager - v0.22+. + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: description: Selects a key of a Secret in the @@ -2788,10 +2848,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -2802,29 +2862,35 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: "Defines the authentication type. - The value is case-insensitive. \n \"Basic\" - is not a supported value. \n Default: \"Bearer\"" + description: |- + Defines the authentication type. The value is case-insensitive. + + + "Basic" is not a supported value. + + + Default: "Bearer" type: string type: object basicAuth: - description: BasicAuth for the client. This is mutually - exclusive with Authorization. If both are defined, - BasicAuth takes precedence. + description: |- + BasicAuth for the client. + This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: - description: '`password` specifies a key of a - Secret containing the password for authentication.' + description: |- + `password` specifies a key of a Secret containing the password for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -2835,18 +2901,19 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: '`username` specifies a key of a - Secret containing the username for authentication.' + description: |- + `username` specifies a key of a Secret containing the username for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -2858,21 +2925,21 @@ spec: x-kubernetes-map-type: atomic type: object bearerTokenSecret: - description: The secret's key that contains the bearer - token to be used by the client for authentication. - The secret needs to be in the same namespace as - the AlertmanagerConfig object and accessible by - the Prometheus Operator. + description: |- + The secret's key that contains the bearer token to be used by the client + for authentication. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -2891,9 +2958,9 @@ spec: a token for the targets. properties: clientId: - description: '`clientId` specifies a key of a - Secret or ConfigMap containing the OAuth2 client''s - ID.' + description: |- + `clientId` specifies a key of a Secret or ConfigMap containing the + OAuth2 client's ID. properties: configMap: description: ConfigMap containing data to @@ -2903,10 +2970,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -2926,10 +2993,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -2941,18 +3008,19 @@ spec: x-kubernetes-map-type: atomic type: object clientSecret: - description: '`clientSecret` specifies a key of - a Secret containing the OAuth2 client''s secret.' + description: |- + `clientSecret` specifies a key of a Secret containing the OAuth2 + client's secret. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -2965,8 +3033,9 @@ spec: endpointParams: additionalProperties: type: string - description: '`endpointParams` configures the - HTTP parameters to append to the token URL.' + description: |- + `endpointParams` configures the HTTP parameters to append to the token + URL. type: object scopes: description: '`scopes` defines the OAuth2 scopes @@ -3002,10 +3071,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -3025,10 +3094,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -3051,10 +3120,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -3074,10 +3143,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -3100,10 +3169,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -3153,13 +3222,14 @@ spec: snsConfigs: description: List of SNS configurations items: - description: SNSConfig configures notifications via AWS SNS. + description: |- + SNSConfig configures notifications via AWS SNS. See https://prometheus.io/docs/alerting/latest/configuration/#sns_configs properties: apiURL: - description: The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. - If not specified, the SNS API URL from the SNS SDK will - be used. + description: |- + The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. + If not specified, the SNS API URL from the SNS SDK will be used. type: string attributes: additionalProperties: @@ -3170,10 +3240,9 @@ spec: description: HTTP client configuration. properties: authorization: - description: Authorization header configuration for - the client. This is mutually exclusive with BasicAuth - and is only available starting from Alertmanager - v0.22+. + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: description: Selects a key of a Secret in the @@ -3185,10 +3254,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -3199,29 +3268,35 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: "Defines the authentication type. - The value is case-insensitive. \n \"Basic\" - is not a supported value. \n Default: \"Bearer\"" + description: |- + Defines the authentication type. The value is case-insensitive. + + + "Basic" is not a supported value. + + + Default: "Bearer" type: string type: object basicAuth: - description: BasicAuth for the client. This is mutually - exclusive with Authorization. If both are defined, - BasicAuth takes precedence. + description: |- + BasicAuth for the client. + This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: - description: '`password` specifies a key of a - Secret containing the password for authentication.' + description: |- + `password` specifies a key of a Secret containing the password for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -3232,18 +3307,19 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: '`username` specifies a key of a - Secret containing the username for authentication.' + description: |- + `username` specifies a key of a Secret containing the username for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -3255,21 +3331,21 @@ spec: x-kubernetes-map-type: atomic type: object bearerTokenSecret: - description: The secret's key that contains the bearer - token to be used by the client for authentication. - The secret needs to be in the same namespace as - the AlertmanagerConfig object and accessible by - the Prometheus Operator. + description: |- + The secret's key that contains the bearer token to be used by the client + for authentication. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -3288,9 +3364,9 @@ spec: a token for the targets. properties: clientId: - description: '`clientId` specifies a key of a - Secret or ConfigMap containing the OAuth2 client''s - ID.' + description: |- + `clientId` specifies a key of a Secret or ConfigMap containing the + OAuth2 client's ID. properties: configMap: description: ConfigMap containing data to @@ -3300,10 +3376,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -3323,10 +3399,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -3338,18 +3414,19 @@ spec: x-kubernetes-map-type: atomic type: object clientSecret: - description: '`clientSecret` specifies a key of - a Secret containing the OAuth2 client''s secret.' + description: |- + `clientSecret` specifies a key of a Secret containing the OAuth2 + client's secret. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -3362,8 +3439,9 @@ spec: endpointParams: additionalProperties: type: string - description: '`endpointParams` configures the - HTTP parameters to append to the token URL.' + description: |- + `endpointParams` configures the HTTP parameters to append to the token + URL. type: object scopes: description: '`scopes` defines the OAuth2 scopes @@ -3399,10 +3477,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -3422,10 +3500,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -3448,10 +3526,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -3471,10 +3549,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -3497,10 +3575,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -3520,9 +3598,9 @@ spec: description: The message content of the SNS notification. type: string phoneNumber: - description: Phone number if message is delivered via - SMS in E.164 format. If you don't specify this value, - you must specify a value for the TopicARN or TargetARN. + description: |- + Phone number if message is delivered via SMS in E.164 format. + If you don't specify this value, you must specify a value for the TopicARN or TargetARN. type: string sendResolved: description: Whether or not to notify about resolved alerts. @@ -3532,19 +3610,19 @@ spec: signing process to sign requests. properties: accessKey: - description: AccessKey is the AWS API key. If not - specified, the environment variable `AWS_ACCESS_KEY_ID` - is used. + description: |- + AccessKey is the AWS API key. If not specified, the environment variable + `AWS_ACCESS_KEY_ID` is used. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -3567,19 +3645,19 @@ spec: to authenticate. type: string secretKey: - description: SecretKey is the AWS API secret. If not - specified, the environment variable `AWS_SECRET_ACCESS_KEY` - is used. + description: |- + SecretKey is the AWS API secret. If not specified, the environment + variable `AWS_SECRET_ACCESS_KEY` is used. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -3595,43 +3673,47 @@ spec: to email endpoints. type: string targetARN: - description: The mobile platform endpoint ARN if message - is delivered via mobile notifications. If you don't - specify this value, you must specify a value for the - topic_arn or PhoneNumber. + description: |- + The mobile platform endpoint ARN if message is delivered via mobile notifications. + If you don't specify this value, you must specify a value for the topic_arn or PhoneNumber. type: string topicARN: - description: SNS topic ARN, i.e. arn:aws:sns:us-east-2:698519295917:My-Topic - If you don't specify this value, you must specify a - value for the PhoneNumber or TargetARN. + description: |- + SNS topic ARN, i.e. arn:aws:sns:us-east-2:698519295917:My-Topic + If you don't specify this value, you must specify a value for the PhoneNumber or TargetARN. type: string type: object type: array telegramConfigs: description: List of Telegram configurations. items: - description: TelegramConfig configures notifications via Telegram. + description: |- + TelegramConfig configures notifications via Telegram. See https://prometheus.io/docs/alerting/latest/configuration/#telegram_config properties: apiURL: - description: The Telegram API URL i.e. https://api.telegram.org. + description: |- + The Telegram API URL i.e. https://api.telegram.org. If not specified, default API URL will be used. type: string botToken: - description: "Telegram bot token. It is mutually exclusive - with `botTokenFile`. The secret needs to be in the same - namespace as the AlertmanagerConfig object and accessible - by the Prometheus Operator. \n Either `botToken` or - `botTokenFile` is required." + description: |- + Telegram bot token. It is mutually exclusive with `botTokenFile`. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. + + + Either `botToken` or `botTokenFile` is required. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -3642,10 +3724,12 @@ spec: type: object x-kubernetes-map-type: atomic botTokenFile: - description: "File to read the Telegram bot token from. - It is mutually exclusive with `botToken`. Either `botToken` - or `botTokenFile` is required. \n It requires Alertmanager - >= v0.26.0." + description: |- + File to read the Telegram bot token from. It is mutually exclusive with `botToken`. + Either `botToken` or `botTokenFile` is required. + + + It requires Alertmanager >= v0.26.0. type: string chatID: description: The Telegram chat ID. @@ -3658,10 +3742,9 @@ spec: description: HTTP client configuration. properties: authorization: - description: Authorization header configuration for - the client. This is mutually exclusive with BasicAuth - and is only available starting from Alertmanager - v0.22+. + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: description: Selects a key of a Secret in the @@ -3673,10 +3756,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -3687,29 +3770,35 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: "Defines the authentication type. - The value is case-insensitive. \n \"Basic\" - is not a supported value. \n Default: \"Bearer\"" + description: |- + Defines the authentication type. The value is case-insensitive. + + + "Basic" is not a supported value. + + + Default: "Bearer" type: string type: object basicAuth: - description: BasicAuth for the client. This is mutually - exclusive with Authorization. If both are defined, - BasicAuth takes precedence. + description: |- + BasicAuth for the client. + This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: - description: '`password` specifies a key of a - Secret containing the password for authentication.' + description: |- + `password` specifies a key of a Secret containing the password for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -3720,18 +3809,19 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: '`username` specifies a key of a - Secret containing the username for authentication.' + description: |- + `username` specifies a key of a Secret containing the username for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -3743,21 +3833,21 @@ spec: x-kubernetes-map-type: atomic type: object bearerTokenSecret: - description: The secret's key that contains the bearer - token to be used by the client for authentication. - The secret needs to be in the same namespace as - the AlertmanagerConfig object and accessible by - the Prometheus Operator. + description: |- + The secret's key that contains the bearer token to be used by the client + for authentication. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -3776,9 +3866,9 @@ spec: a token for the targets. properties: clientId: - description: '`clientId` specifies a key of a - Secret or ConfigMap containing the OAuth2 client''s - ID.' + description: |- + `clientId` specifies a key of a Secret or ConfigMap containing the + OAuth2 client's ID. properties: configMap: description: ConfigMap containing data to @@ -3788,10 +3878,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -3811,10 +3901,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -3826,18 +3916,19 @@ spec: x-kubernetes-map-type: atomic type: object clientSecret: - description: '`clientSecret` specifies a key of - a Secret containing the OAuth2 client''s secret.' + description: |- + `clientSecret` specifies a key of a Secret containing the OAuth2 + client's secret. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -3850,8 +3941,9 @@ spec: endpointParams: additionalProperties: type: string - description: '`endpointParams` configures the - HTTP parameters to append to the token URL.' + description: |- + `endpointParams` configures the HTTP parameters to append to the token + URL. type: object scopes: description: '`scopes` defines the OAuth2 scopes @@ -3887,10 +3979,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -3910,10 +4002,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -3936,10 +4028,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -3959,10 +4051,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -3985,10 +4077,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -4022,13 +4114,14 @@ spec: victoropsConfigs: description: List of VictorOps configurations. items: - description: VictorOpsConfig configures notifications via - VictorOps. See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config + description: |- + VictorOpsConfig configures notifications via VictorOps. + See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config properties: apiKey: - description: The secret's key that contains the API key - to use when talking to the VictorOps API. The secret - needs to be in the same namespace as the AlertmanagerConfig + description: |- + The secret's key that contains the API key to use when talking to the VictorOps API. + The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: key: @@ -4036,9 +4129,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -4075,10 +4169,9 @@ spec: description: The HTTP client's configuration. properties: authorization: - description: Authorization header configuration for - the client. This is mutually exclusive with BasicAuth - and is only available starting from Alertmanager - v0.22+. + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: description: Selects a key of a Secret in the @@ -4090,10 +4183,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -4104,29 +4197,35 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: "Defines the authentication type. - The value is case-insensitive. \n \"Basic\" - is not a supported value. \n Default: \"Bearer\"" + description: |- + Defines the authentication type. The value is case-insensitive. + + + "Basic" is not a supported value. + + + Default: "Bearer" type: string type: object basicAuth: - description: BasicAuth for the client. This is mutually - exclusive with Authorization. If both are defined, - BasicAuth takes precedence. + description: |- + BasicAuth for the client. + This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: - description: '`password` specifies a key of a - Secret containing the password for authentication.' + description: |- + `password` specifies a key of a Secret containing the password for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -4137,18 +4236,19 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: '`username` specifies a key of a - Secret containing the username for authentication.' + description: |- + `username` specifies a key of a Secret containing the username for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -4160,21 +4260,21 @@ spec: x-kubernetes-map-type: atomic type: object bearerTokenSecret: - description: The secret's key that contains the bearer - token to be used by the client for authentication. - The secret needs to be in the same namespace as - the AlertmanagerConfig object and accessible by - the Prometheus Operator. + description: |- + The secret's key that contains the bearer token to be used by the client + for authentication. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -4193,9 +4293,9 @@ spec: a token for the targets. properties: clientId: - description: '`clientId` specifies a key of a - Secret or ConfigMap containing the OAuth2 client''s - ID.' + description: |- + `clientId` specifies a key of a Secret or ConfigMap containing the + OAuth2 client's ID. properties: configMap: description: ConfigMap containing data to @@ -4205,10 +4305,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -4228,10 +4328,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -4243,18 +4343,19 @@ spec: x-kubernetes-map-type: atomic type: object clientSecret: - description: '`clientSecret` specifies a key of - a Secret containing the OAuth2 client''s secret.' + description: |- + `clientSecret` specifies a key of a Secret containing the OAuth2 + client's secret. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -4267,8 +4368,9 @@ spec: endpointParams: additionalProperties: type: string - description: '`endpointParams` configures the - HTTP parameters to append to the token URL.' + description: |- + `endpointParams` configures the HTTP parameters to append to the token + URL. type: object scopes: description: '`scopes` defines the OAuth2 scopes @@ -4304,10 +4406,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -4327,10 +4429,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -4353,10 +4455,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -4376,10 +4478,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -4402,10 +4504,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -4444,24 +4546,25 @@ spec: webexConfigs: description: List of Webex configurations. items: - description: WebexConfig configures notification via Cisco - Webex See https://prometheus.io/docs/alerting/latest/configuration/#webex_config + description: |- + WebexConfig configures notification via Cisco Webex + See https://prometheus.io/docs/alerting/latest/configuration/#webex_config properties: apiURL: - description: The Webex Teams API URL i.e. https://webexapis.com/v1/messages + description: |- + The Webex Teams API URL i.e. https://webexapis.com/v1/messages Provide if different from the default API URL. pattern: ^https?://.+$ type: string httpConfig: - description: The HTTP client's configuration. You must - supply the bot token via the `httpConfig.authorization` - field. + description: |- + The HTTP client's configuration. + You must supply the bot token via the `httpConfig.authorization` field. properties: authorization: - description: Authorization header configuration for - the client. This is mutually exclusive with BasicAuth - and is only available starting from Alertmanager - v0.22+. + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: description: Selects a key of a Secret in the @@ -4473,10 +4576,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -4487,29 +4590,35 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: "Defines the authentication type. - The value is case-insensitive. \n \"Basic\" - is not a supported value. \n Default: \"Bearer\"" + description: |- + Defines the authentication type. The value is case-insensitive. + + + "Basic" is not a supported value. + + + Default: "Bearer" type: string type: object basicAuth: - description: BasicAuth for the client. This is mutually - exclusive with Authorization. If both are defined, - BasicAuth takes precedence. + description: |- + BasicAuth for the client. + This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: - description: '`password` specifies a key of a - Secret containing the password for authentication.' + description: |- + `password` specifies a key of a Secret containing the password for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -4520,18 +4629,19 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: '`username` specifies a key of a - Secret containing the username for authentication.' + description: |- + `username` specifies a key of a Secret containing the username for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -4543,21 +4653,21 @@ spec: x-kubernetes-map-type: atomic type: object bearerTokenSecret: - description: The secret's key that contains the bearer - token to be used by the client for authentication. - The secret needs to be in the same namespace as - the AlertmanagerConfig object and accessible by - the Prometheus Operator. + description: |- + The secret's key that contains the bearer token to be used by the client + for authentication. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -4576,9 +4686,9 @@ spec: a token for the targets. properties: clientId: - description: '`clientId` specifies a key of a - Secret or ConfigMap containing the OAuth2 client''s - ID.' + description: |- + `clientId` specifies a key of a Secret or ConfigMap containing the + OAuth2 client's ID. properties: configMap: description: ConfigMap containing data to @@ -4588,10 +4698,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -4611,10 +4721,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -4626,18 +4736,19 @@ spec: x-kubernetes-map-type: atomic type: object clientSecret: - description: '`clientSecret` specifies a key of - a Secret containing the OAuth2 client''s secret.' + description: |- + `clientSecret` specifies a key of a Secret containing the OAuth2 + client's secret. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -4650,8 +4761,9 @@ spec: endpointParams: additionalProperties: type: string - description: '`endpointParams` configures the - HTTP parameters to append to the token URL.' + description: |- + `endpointParams` configures the HTTP parameters to append to the token + URL. type: object scopes: description: '`scopes` defines the OAuth2 scopes @@ -4687,10 +4799,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -4710,10 +4822,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -4736,10 +4848,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -4759,10 +4871,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -4785,10 +4897,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -4822,17 +4934,17 @@ spec: webhookConfigs: description: List of webhook configurations. items: - description: WebhookConfig configures notifications via a - generic receiver supporting the webhook payload. See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config + description: |- + WebhookConfig configures notifications via a generic receiver supporting the webhook payload. + See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config properties: httpConfig: description: HTTP client configuration. properties: authorization: - description: Authorization header configuration for - the client. This is mutually exclusive with BasicAuth - and is only available starting from Alertmanager - v0.22+. + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: description: Selects a key of a Secret in the @@ -4844,10 +4956,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -4858,29 +4970,35 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: "Defines the authentication type. - The value is case-insensitive. \n \"Basic\" - is not a supported value. \n Default: \"Bearer\"" + description: |- + Defines the authentication type. The value is case-insensitive. + + + "Basic" is not a supported value. + + + Default: "Bearer" type: string type: object basicAuth: - description: BasicAuth for the client. This is mutually - exclusive with Authorization. If both are defined, - BasicAuth takes precedence. + description: |- + BasicAuth for the client. + This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: - description: '`password` specifies a key of a - Secret containing the password for authentication.' + description: |- + `password` specifies a key of a Secret containing the password for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -4891,18 +5009,19 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: '`username` specifies a key of a - Secret containing the username for authentication.' + description: |- + `username` specifies a key of a Secret containing the username for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -4914,21 +5033,21 @@ spec: x-kubernetes-map-type: atomic type: object bearerTokenSecret: - description: The secret's key that contains the bearer - token to be used by the client for authentication. - The secret needs to be in the same namespace as - the AlertmanagerConfig object and accessible by - the Prometheus Operator. + description: |- + The secret's key that contains the bearer token to be used by the client + for authentication. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -4947,9 +5066,9 @@ spec: a token for the targets. properties: clientId: - description: '`clientId` specifies a key of a - Secret or ConfigMap containing the OAuth2 client''s - ID.' + description: |- + `clientId` specifies a key of a Secret or ConfigMap containing the + OAuth2 client's ID. properties: configMap: description: ConfigMap containing data to @@ -4959,10 +5078,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -4982,10 +5101,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -4997,18 +5116,19 @@ spec: x-kubernetes-map-type: atomic type: object clientSecret: - description: '`clientSecret` specifies a key of - a Secret containing the OAuth2 client''s secret.' + description: |- + `clientSecret` specifies a key of a Secret containing the OAuth2 + client's secret. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -5021,8 +5141,9 @@ spec: endpointParams: additionalProperties: type: string - description: '`endpointParams` configures the - HTTP parameters to append to the token URL.' + description: |- + `endpointParams` configures the HTTP parameters to append to the token + URL. type: object scopes: description: '`scopes` defines the OAuth2 scopes @@ -5058,10 +5179,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -5081,10 +5202,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -5107,10 +5228,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -5130,10 +5251,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -5156,10 +5277,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -5185,26 +5306,27 @@ spec: description: Whether or not to notify about resolved alerts. type: boolean url: - description: The URL to send HTTP POST requests to. `urlSecret` - takes precedence over `url`. One of `urlSecret` and - `url` should be defined. + description: |- + The URL to send HTTP POST requests to. `urlSecret` takes precedence over + `url`. One of `urlSecret` and `url` should be defined. type: string urlSecret: - description: The secret's key that contains the webhook - URL to send HTTP requests to. `urlSecret` takes precedence - over `url`. One of `urlSecret` and `url` should be defined. - The secret needs to be in the same namespace as the - AlertmanagerConfig object and accessible by the Prometheus - Operator. + description: |- + The secret's key that contains the webhook URL to send HTTP requests to. + `urlSecret` takes precedence over `url`. One of `urlSecret` and `url` + should be defined. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -5219,25 +5341,27 @@ spec: wechatConfigs: description: List of WeChat configurations. items: - description: WeChatConfig configures notifications via WeChat. + description: |- + WeChatConfig configures notifications via WeChat. See https://prometheus.io/docs/alerting/latest/configuration/#wechat_config properties: agentID: type: string apiSecret: - description: The secret's key that contains the WeChat - API key. The secret needs to be in the same namespace - as the AlertmanagerConfig object and accessible by the - Prometheus Operator. + description: |- + The secret's key that contains the WeChat API key. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -5257,10 +5381,9 @@ spec: description: HTTP client configuration. properties: authorization: - description: Authorization header configuration for - the client. This is mutually exclusive with BasicAuth - and is only available starting from Alertmanager - v0.22+. + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: description: Selects a key of a Secret in the @@ -5272,10 +5395,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -5286,29 +5409,35 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: "Defines the authentication type. - The value is case-insensitive. \n \"Basic\" - is not a supported value. \n Default: \"Bearer\"" + description: |- + Defines the authentication type. The value is case-insensitive. + + + "Basic" is not a supported value. + + + Default: "Bearer" type: string type: object basicAuth: - description: BasicAuth for the client. This is mutually - exclusive with Authorization. If both are defined, - BasicAuth takes precedence. + description: |- + BasicAuth for the client. + This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: - description: '`password` specifies a key of a - Secret containing the password for authentication.' + description: |- + `password` specifies a key of a Secret containing the password for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -5319,18 +5448,19 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: '`username` specifies a key of a - Secret containing the username for authentication.' + description: |- + `username` specifies a key of a Secret containing the username for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -5342,21 +5472,21 @@ spec: x-kubernetes-map-type: atomic type: object bearerTokenSecret: - description: The secret's key that contains the bearer - token to be used by the client for authentication. - The secret needs to be in the same namespace as - the AlertmanagerConfig object and accessible by - the Prometheus Operator. + description: |- + The secret's key that contains the bearer token to be used by the client + for authentication. + The secret needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -5375,9 +5505,9 @@ spec: a token for the targets. properties: clientId: - description: '`clientId` specifies a key of a - Secret or ConfigMap containing the OAuth2 client''s - ID.' + description: |- + `clientId` specifies a key of a Secret or ConfigMap containing the + OAuth2 client's ID. properties: configMap: description: ConfigMap containing data to @@ -5387,10 +5517,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -5410,10 +5540,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -5425,18 +5555,19 @@ spec: x-kubernetes-map-type: atomic type: object clientSecret: - description: '`clientSecret` specifies a key of - a Secret containing the OAuth2 client''s secret.' + description: |- + `clientSecret` specifies a key of a Secret containing the OAuth2 + client's secret. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -5449,8 +5580,9 @@ spec: endpointParams: additionalProperties: type: string - description: '`endpointParams` configures the - HTTP parameters to append to the token URL.' + description: |- + `endpointParams` configures the HTTP parameters to append to the token + URL. type: object scopes: description: '`scopes` defines the OAuth2 scopes @@ -5486,10 +5618,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -5509,10 +5641,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -5535,10 +5667,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -5558,10 +5690,10 @@ spec: key. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -5584,10 +5716,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -5625,9 +5757,10 @@ spec: type: object type: array route: - description: The Alertmanager route definition for alerts matching - the resource's namespace. If present, it will be added to the generated - Alertmanager configuration as a first-level route. + description: |- + The Alertmanager route definition for alerts matching the resource's + namespace. If present, it will be added to the generated Alertmanager + configuration as a first-level route. properties: activeTimeIntervals: description: ActiveTimeIntervals is a list of MuteTimeInterval @@ -5636,39 +5769,44 @@ spec: type: string type: array continue: - description: Boolean indicating whether an alert should continue - matching subsequent sibling nodes. It will always be overridden - to true for the first-level route by the Prometheus operator. + description: |- + Boolean indicating whether an alert should continue matching subsequent + sibling nodes. It will always be overridden to true for the first-level + route by the Prometheus operator. type: boolean groupBy: - description: List of labels to group by. Labels must not be repeated - (unique list). Special label "..." (aggregate by all possible - labels), if provided, must be the only element in the list. + description: |- + List of labels to group by. + Labels must not be repeated (unique list). + Special label "..." (aggregate by all possible labels), if provided, must be the only element in the list. items: type: string type: array groupInterval: - description: 'How long to wait before sending an updated notification. + description: |- + How long to wait before sending an updated notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` - Example: "5m"' + Example: "5m" type: string groupWait: - description: 'How long to wait before sending the initial notification. + description: |- + How long to wait before sending the initial notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` - Example: "30s"' + Example: "30s" type: string matchers: - description: 'List of matchers that the alert''s labels should - match. For the first level route, the operator removes any existing - equality and regexp matcher on the `namespace` label and adds - a `namespace: ` matcher.' + description: |- + List of matchers that the alert's labels should match. For the first + level route, the operator removes any existing equality and regexp + matcher on the `namespace` label and adds a `namespace: ` matcher. items: description: Matcher defines how to match on alert's labels. properties: matchType: - description: Match operation available with AlertManager - >= v0.22.0 and takes precedence over Regex (deprecated) - if non-empty. + description: |- + Match operation available with AlertManager >= v0.22.0 and + takes precedence over Regex (deprecated) if non-empty. enum: - '!=' - = @@ -5680,9 +5818,9 @@ spec: minLength: 1 type: string regex: - description: 'Whether to match on equality (false) or regular-expression - (true). Deprecated: for AlertManager >= v0.22.0, `matchType` - should be used instead.' + description: |- + Whether to match on equality (false) or regular-expression (true). + Deprecated: for AlertManager >= v0.22.0, `matchType` should be used instead. type: boolean value: description: Label value to match. @@ -5692,26 +5830,28 @@ spec: type: object type: array muteTimeIntervals: - description: 'Note: this comment applies to the field definition - above but appears below otherwise it gets included in the generated - manifest. CRD schema doesn''t support self-referential types - for now (see https://github.com/kubernetes/kubernetes/issues/62872). - We have to use an alternative type to circumvent the limitation. - The downside is that the Kube API can''t validate the data beyond - the fact that it is a valid JSON representation. MuteTimeIntervals - is a list of MuteTimeInterval names that will mute this route - when matched,' + description: |- + Note: this comment applies to the field definition above but appears + below otherwise it gets included in the generated manifest. + CRD schema doesn't support self-referential types for now (see + https://github.com/kubernetes/kubernetes/issues/62872). We have to use + an alternative type to circumvent the limitation. The downside is that + the Kube API can't validate the data beyond the fact that it is a valid + JSON representation. + MuteTimeIntervals is a list of MuteTimeInterval names that will mute this route when matched, items: type: string type: array receiver: - description: Name of the receiver for this route. If not empty, - it should be listed in the `receivers` field. + description: |- + Name of the receiver for this route. If not empty, it should be listed in + the `receivers` field. type: string repeatInterval: - description: 'How long to wait before repeating the last notification. + description: |- + How long to wait before repeating the last notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` - Example: "4h"' + Example: "4h" type: string routes: description: Child routes. diff --git a/bitnami/kube-prometheus/crds/crd-alertmanagers.yaml b/bitnami/kube-prometheus/crds/crd-alertmanagers.yaml index 462634c94005ad..ff862455463e9e 100644 --- a/bitnami/kube-prometheus/crds/crd-alertmanagers.yaml +++ b/bitnami/kube-prometheus/crds/crd-alertmanagers.yaml @@ -1,12 +1,12 @@ # Source: https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v{version}/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml -# Version: 0.73.2 +# Version: 0.74.0 --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - operator.prometheus.io/version: 0.73.2 + controller-gen.kubebuilder.io/version: v0.14.0 + operator.prometheus.io/version: 0.74.0 name: alertmanagers.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -54,20 +54,26 @@ spec: description: Alertmanager describes an Alertmanager cluster. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: 'Specification of the desired behavior of the Alertmanager - cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + description: |- + Specification of the desired behavior of the Alertmanager cluster. More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: additionalPeers: description: AdditionalPeers allows injecting a set of additional @@ -83,22 +89,20 @@ spec: pod. properties: preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the affinity expressions specified by - this field, but it may choose a node that violates one or - more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node matches - the corresponding matchExpressions; the node(s) with the - highest sum are the most preferred. + description: |- + The scheduler will prefer to schedule pods to nodes that satisfy + the affinity expressions specified by this field, but it may choose + a node that violates one or more of the expressions. The node that is + most preferred is the one with the greatest sum of weights, i.e. + for each node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, etc.), + compute a sum by iterating through the elements of this field and adding + "weight" to the sum if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. items: - description: An empty preferred scheduling term matches - all objects with implicit weight 0 (i.e. it's a no-op). - A null preferred scheduling term matches no objects (i.e. - is also a no-op). + description: |- + An empty preferred scheduling term matches all objects with implicit weight 0 + (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). properties: preference: description: A node selector term, associated with the @@ -108,30 +112,26 @@ spec: description: A list of node selector requirements by node's labels. items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. properties: key: description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. type: string values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. items: type: string type: array @@ -144,30 +144,26 @@ spec: description: A list of node selector requirements by node's fields. items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. properties: key: description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. type: string values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. items: type: string type: array @@ -189,50 +185,46 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this - field are not met at scheduling time, the pod will not be - scheduled onto the node. If the affinity requirements specified - by this field cease to be met at some point during pod execution - (e.g. due to an update), the system may or may not try to - eventually evict the pod from its node. + description: |- + If the affinity requirements specified by this field are not met at + scheduling time, the pod will not be scheduled onto the node. + If the affinity requirements specified by this field cease to be met + at some point during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from its node. properties: nodeSelectorTerms: description: Required. A list of node selector terms. The terms are ORed. items: - description: A null or empty node selector term matches - no objects. The requirements of them are ANDed. The - TopologySelectorTerm type implements a subset of the - NodeSelectorTerm. + description: |- + A null or empty node selector term matches no objects. The requirements of + them are ANDed. + The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. properties: matchExpressions: description: A list of node selector requirements by node's labels. items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. properties: key: description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. type: string values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. items: type: string type: array @@ -245,30 +237,26 @@ spec: description: A list of node selector requirements by node's fields. items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. properties: key: description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. type: string values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. items: type: string type: array @@ -290,16 +278,15 @@ spec: this pod in the same node, zone, etc. as some other pod(s)). properties: preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the affinity expressions specified by - this field, but it may choose a node that violates one or - more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node has - pods which matches the corresponding podAffinityTerm; the + description: |- + The scheduler will prefer to schedule pods to nodes that satisfy + the affinity expressions specified by this field, but it may choose + a node that violates one or more of the expressions. The node that is + most preferred is the one with the greatest sum of weights, i.e. + for each node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, etc.), + compute a sum by iterating through the elements of this field and adding + "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. items: description: The weights of all of the matched WeightedPodAffinityTerm @@ -310,37 +297,33 @@ spec: with the corresponding weight. properties: labelSelector: - description: A label query over a set of resources, - in this case pods. If it's null, this PodAffinityTerm - matches with no Pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string @@ -353,89 +336,74 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label - keys to select which pods will be taken into consideration. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are merged - with `LabelSelector` as `key in (value)` to select - the group of existing pods which pods will be - taken into consideration for the incoming pod's - pod (anti) affinity. Keys that don't exist in - the incoming pod labels will be ignored. The default - value is empty. The same key is forbidden to exist - in both MatchLabelKeys and LabelSelector. Also, - MatchLabelKeys cannot be set when LabelSelector - isn't set. This is an alpha field and requires - enabling MatchLabelKeysInPodAffinity feature gate. + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label - keys to select which pods will be taken into consideration. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are merged - with `LabelSelector` as `key notin (value)` to - select the group of existing pods which pods will - be taken into consideration for the incoming pod's - pod (anti) affinity. Keys that don't exist in - the incoming pod labels will be ignored. The default - value is empty. The same key is forbidden to exist - in both MismatchLabelKeys and LabelSelector. Also, - MismatchLabelKeys cannot be set when LabelSelector - isn't set. This is an alpha field and requires - enabling MatchLabelKeysInPodAffinity feature gate. + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string @@ -448,40 +416,37 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. + Empty topologyKey is not allowed. type: string required: - topologyKey type: object weight: - description: weight associated with matching the corresponding - podAffinityTerm, in the range 1-100. + description: |- + weight associated with matching the corresponding podAffinityTerm, + in the range 1-100. format: int32 type: integer required: @@ -490,53 +455,51 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this - field are not met at scheduling time, the pod will not be - scheduled onto the node. If the affinity requirements specified - by this field cease to be met at some point during pod execution - (e.g. due to a pod label update), the system may or may - not try to eventually evict the pod from its node. When - there are multiple elements, the lists of nodes corresponding - to each podAffinityTerm are intersected, i.e. all terms - must be satisfied. + description: |- + If the affinity requirements specified by this field are not met at + scheduling time, the pod will not be scheduled onto the node. + If the affinity requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod label update), the + system may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding to each + podAffinityTerm are intersected, i.e. all terms must be satisfied. items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not co-located - (anti-affinity) with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which a pod of the set of - pods is running + description: |- + Defines a set of pods (namely those matching the labelSelector + relative to the given namespace(s)) that this pod should be + co-located (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node whose value of + the label with key matches that of any node on which + a pod of the set of pods is running properties: labelSelector: - description: A label query over a set of resources, - in this case pods. If it's null, this PodAffinityTerm - matches with no Pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -548,84 +511,74 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys - to select which pods will be taken into consideration. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are merged with - `LabelSelector` as `key in (value)` to select the - group of existing pods which pods will be taken into - consideration for the incoming pod's pod (anti) affinity. - Keys that don't exist in the incoming pod labels will - be ignored. The default value is empty. The same key - is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector - isn't set. This is an alpha field and requires enabling - MatchLabelKeysInPodAffinity feature gate. + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label - keys to select which pods will be taken into consideration. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are merged with - `LabelSelector` as `key notin (value)` to select the - group of existing pods which pods will be taken into - consideration for the incoming pod's pod (anti) affinity. - Keys that don't exist in the incoming pod labels will - be ignored. The default value is empty. The same key - is forbidden to exist in both MismatchLabelKeys and - LabelSelector. Also, MismatchLabelKeys cannot be set - when LabelSelector isn't set. This is an alpha field - and requires enabling MatchLabelKeysInPodAffinity - feature gate. + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied to the - union of the namespaces selected by this field and - the ones listed in the namespaces field. null selector - and null or empty namespaces list means "this pod's - namespace". An empty selector ({}) matches all namespaces. + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -637,32 +590,28 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace - names that the term applies to. The term is applied - to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. null or - empty namespaces list and null namespaceSelector means - "this pod's namespace". + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where - co-located is defined as running on a node whose value - of the label with key topologyKey matches that of - any node on which any of the selected pods is running. + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. Empty topologyKey is not allowed. type: string required: @@ -676,16 +625,15 @@ spec: other pod(s)). properties: preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the anti-affinity expressions specified - by this field, but it may choose a node that violates one - or more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node has - pods which matches the corresponding podAffinityTerm; the + description: |- + The scheduler will prefer to schedule pods to nodes that satisfy + the anti-affinity expressions specified by this field, but it may choose + a node that violates one or more of the expressions. The node that is + most preferred is the one with the greatest sum of weights, i.e. + for each node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field and adding + "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. items: description: The weights of all of the matched WeightedPodAffinityTerm @@ -696,37 +644,33 @@ spec: with the corresponding weight. properties: labelSelector: - description: A label query over a set of resources, - in this case pods. If it's null, this PodAffinityTerm - matches with no Pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string @@ -739,89 +683,74 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label - keys to select which pods will be taken into consideration. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are merged - with `LabelSelector` as `key in (value)` to select - the group of existing pods which pods will be - taken into consideration for the incoming pod's - pod (anti) affinity. Keys that don't exist in - the incoming pod labels will be ignored. The default - value is empty. The same key is forbidden to exist - in both MatchLabelKeys and LabelSelector. Also, - MatchLabelKeys cannot be set when LabelSelector - isn't set. This is an alpha field and requires - enabling MatchLabelKeysInPodAffinity feature gate. + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label - keys to select which pods will be taken into consideration. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are merged - with `LabelSelector` as `key notin (value)` to - select the group of existing pods which pods will - be taken into consideration for the incoming pod's - pod (anti) affinity. Keys that don't exist in - the incoming pod labels will be ignored. The default - value is empty. The same key is forbidden to exist - in both MismatchLabelKeys and LabelSelector. Also, - MismatchLabelKeys cannot be set when LabelSelector - isn't set. This is an alpha field and requires - enabling MatchLabelKeysInPodAffinity feature gate. + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string @@ -834,40 +763,37 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. + Empty topologyKey is not allowed. type: string required: - topologyKey type: object weight: - description: weight associated with matching the corresponding - podAffinityTerm, in the range 1-100. + description: |- + weight associated with matching the corresponding podAffinityTerm, + in the range 1-100. format: int32 type: integer required: @@ -876,53 +802,51 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified by - this field are not met at scheduling time, the pod will - not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during - pod execution (e.g. due to a pod label update), the system - may or may not try to eventually evict the pod from its - node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. - all terms must be satisfied. + description: |- + If the anti-affinity requirements specified by this field are not met at + scheduling time, the pod will not be scheduled onto the node. + If the anti-affinity requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod label update), the + system may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding to each + podAffinityTerm are intersected, i.e. all terms must be satisfied. items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not co-located - (anti-affinity) with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which a pod of the set of - pods is running + description: |- + Defines a set of pods (namely those matching the labelSelector + relative to the given namespace(s)) that this pod should be + co-located (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node whose value of + the label with key matches that of any node on which + a pod of the set of pods is running properties: labelSelector: - description: A label query over a set of resources, - in this case pods. If it's null, this PodAffinityTerm - matches with no Pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -934,84 +858,74 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys - to select which pods will be taken into consideration. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are merged with - `LabelSelector` as `key in (value)` to select the - group of existing pods which pods will be taken into - consideration for the incoming pod's pod (anti) affinity. - Keys that don't exist in the incoming pod labels will - be ignored. The default value is empty. The same key - is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector - isn't set. This is an alpha field and requires enabling - MatchLabelKeysInPodAffinity feature gate. + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label - keys to select which pods will be taken into consideration. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are merged with - `LabelSelector` as `key notin (value)` to select the - group of existing pods which pods will be taken into - consideration for the incoming pod's pod (anti) affinity. - Keys that don't exist in the incoming pod labels will - be ignored. The default value is empty. The same key - is forbidden to exist in both MismatchLabelKeys and - LabelSelector. Also, MismatchLabelKeys cannot be set - when LabelSelector isn't set. This is an alpha field - and requires enabling MatchLabelKeysInPodAffinity - feature gate. + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied to the - union of the namespaces selected by this field and - the ones listed in the namespaces field. null selector - and null or empty namespaces list means "this pod's - namespace". An empty selector ({}) matches all namespaces. + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -1023,32 +937,28 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace - names that the term applies to. The term is applied - to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. null or - empty namespaces list and null namespaceSelector means - "this pod's namespace". + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where - co-located is defined as running on a node whose value - of the label with key topologyKey matches that of - any node on which any of the selected pods is running. + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. Empty topologyKey is not allowed. type: string required: @@ -1058,47 +968,48 @@ spec: type: object type: object alertmanagerConfigMatcherStrategy: - description: The AlertmanagerConfigMatcherStrategy defines how AlertmanagerConfig - objects match the alerts. In the future more options may be added. + description: |- + The AlertmanagerConfigMatcherStrategy defines how AlertmanagerConfig objects match the alerts. + In the future more options may be added. properties: type: default: OnNamespace - description: If set to `OnNamespace`, the operator injects a label - matcher matching the namespace of the AlertmanagerConfig object - for all its routes and inhibition rules. `None` will not add - any additional matchers other than the ones specified in the - AlertmanagerConfig. Default is `OnNamespace`. + description: |- + If set to `OnNamespace`, the operator injects a label matcher matching the namespace of the AlertmanagerConfig object for all its routes and inhibition rules. + `None` will not add any additional matchers other than the ones specified in the AlertmanagerConfig. + Default is `OnNamespace`. enum: - OnNamespace - None type: string type: object alertmanagerConfigNamespaceSelector: - description: Namespaces to be selected for AlertmanagerConfig discovery. - If nil, only check own namespace. + description: |- + Namespaces to be selected for AlertmanagerConfig discovery. If nil, only + check own namespace. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string @@ -1111,11 +1022,10 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic @@ -1127,24 +1037,24 @@ spec: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string @@ -1157,19 +1067,23 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic alertmanagerConfiguration: - description: "alertmanagerConfiguration specifies the configuration - of Alertmanager. \n If defined, it takes precedence over the `configSecret` - field. \n This is an *experimental feature*, it may change in any - upcoming release in a breaking way." + description: |- + alertmanagerConfiguration specifies the configuration of Alertmanager. + + + If defined, it takes precedence over the `configSecret` field. + + + This is an *experimental feature*, it may change in any upcoming release + in a breaking way. properties: global: description: Defines the global parameters of the Alertmanager @@ -1179,9 +1093,9 @@ spec: description: HTTP client configuration. properties: authorization: - description: Authorization header configuration for the - client. This is mutually exclusive with BasicAuth and - is only available starting from Alertmanager v0.22+. + description: |- + Authorization header configuration for the client. + This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: description: Selects a key of a Secret in the namespace @@ -1192,10 +1106,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -1206,29 +1120,35 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: "Defines the authentication type. The - value is case-insensitive. \n \"Basic\" is not a - supported value. \n Default: \"Bearer\"" + description: |- + Defines the authentication type. The value is case-insensitive. + + + "Basic" is not a supported value. + + + Default: "Bearer" type: string type: object basicAuth: - description: BasicAuth for the client. This is mutually - exclusive with Authorization. If both are defined, BasicAuth - takes precedence. + description: |- + BasicAuth for the client. + This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: - description: '`password` specifies a key of a Secret - containing the password for authentication.' + description: |- + `password` specifies a key of a Secret containing the password for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -1239,18 +1159,19 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: '`username` specifies a key of a Secret - containing the username for authentication.' + description: |- + `username` specifies a key of a Secret containing the username for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -1262,9 +1183,10 @@ spec: x-kubernetes-map-type: atomic type: object bearerTokenSecret: - description: The secret's key that contains the bearer - token to be used by the client for authentication. The - secret needs to be in the same namespace as the Alertmanager + description: |- + The secret's key that contains the bearer token to be used by the client + for authentication. + The secret needs to be in the same namespace as the Alertmanager object and accessible by the Prometheus Operator. properties: key: @@ -1272,9 +1194,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -1293,8 +1216,9 @@ spec: token for the targets. properties: clientId: - description: '`clientId` specifies a key of a Secret - or ConfigMap containing the OAuth2 client''s ID.' + description: |- + `clientId` specifies a key of a Secret or ConfigMap containing the + OAuth2 client's ID. properties: configMap: description: ConfigMap containing data to use @@ -1304,10 +1228,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -1326,10 +1250,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -1341,18 +1265,19 @@ spec: x-kubernetes-map-type: atomic type: object clientSecret: - description: '`clientSecret` specifies a key of a - Secret containing the OAuth2 client''s secret.' + description: |- + `clientSecret` specifies a key of a Secret containing the OAuth2 + client's secret. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -1365,8 +1290,9 @@ spec: endpointParams: additionalProperties: type: string - description: '`endpointParams` configures the HTTP - parameters to append to the token URL.' + description: |- + `endpointParams` configures the HTTP parameters to append to the token + URL. type: object scopes: description: '`scopes` defines the OAuth2 scopes used @@ -1402,10 +1328,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -1424,10 +1350,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -1450,10 +1376,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -1472,10 +1398,10 @@ spec: from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -1498,10 +1424,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -1524,8 +1450,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -1543,8 +1471,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -1558,11 +1488,10 @@ spec: description: The default Pagerduty URL. type: string resolveTimeout: - description: ResolveTimeout is the default value used by alertmanager - if the alert does not include EndsAt, after this time passes - it can declare the alert as resolved if it has not been - updated. This has no impact on alerts from Prometheus, as - they always include EndsAt. + description: |- + ResolveTimeout is the default value used by alertmanager if the alert does + not include EndsAt, after this time passes it can declare the alert as resolved if it has not been updated. + This has no impact on alerts from Prometheus, as they always include EndsAt. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string slackApiUrl: @@ -1573,8 +1502,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -1598,9 +1529,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -1618,9 +1550,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -1643,9 +1576,9 @@ spec: server. type: string requireTLS: - description: The default SMTP TLS requirement. Note that - Go does not support unencrypted connections to remote - SMTP endpoints. + description: |- + The default SMTP TLS requirement. + Note that Go does not support unencrypted connections to remote SMTP endpoints. type: boolean smartHost: description: The default SMTP smarthost used for sending @@ -1668,11 +1601,10 @@ spec: type: object type: object name: - description: The name of the AlertmanagerConfig resource which - is used to generate the Alertmanager configuration. It must - be defined in the same namespace as the Alertmanager object. - The operator will not enforce a `namespace` label for routes - and inhibition rules. + description: |- + The name of the AlertmanagerConfig resource which is used to generate the Alertmanager configuration. + It must be defined in the same namespace as the Alertmanager object. + The operator will not enforce a `namespace` label for routes and inhibition rules. minLength: 1 type: string templates: @@ -1688,8 +1620,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its key @@ -1707,8 +1641,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -1722,30 +1658,29 @@ spec: type: array type: object automountServiceAccountToken: - description: 'AutomountServiceAccountToken indicates whether a service - account token should be automatically mounted in the pod. If the - service account has `automountServiceAccountToken: true`, set the - field to `false` to opt out of automounting API credentials.' + description: |- + AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod. + If the service account has `automountServiceAccountToken: true`, set the field to `false` to opt out of automounting API credentials. type: boolean baseImage: - description: 'Base image that is used to deploy pods, without tag. - Deprecated: use ''image'' instead.' + description: |- + Base image that is used to deploy pods, without tag. + Deprecated: use 'image' instead. type: string clusterAdvertiseAddress: - description: 'ClusterAdvertiseAddress is the explicit address to advertise - in cluster. Needs to be provided for non RFC1918 [1] (public) addresses. - [1] RFC1918: https://tools.ietf.org/html/rfc1918' + description: |- + ClusterAdvertiseAddress is the explicit address to advertise in cluster. + Needs to be provided for non RFC1918 [1] (public) addresses. + [1] RFC1918: https://tools.ietf.org/html/rfc1918 type: string clusterGossipInterval: description: Interval between gossip attempts. pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string clusterLabel: - description: Defines the identifier that uniquely identifies the Alertmanager - cluster. You should only set it when the Alertmanager cluster includes - Alertmanager instances which are external to this Alertmanager resource. - In practice, the addresses of the external instances are provided - via the `.spec.additionalPeers` field. + description: |- + Defines the identifier that uniquely identifies the Alertmanager cluster. + You should only set it when the Alertmanager cluster includes Alertmanager instances which are external to this Alertmanager resource. In practice, the addresses of the external instances are provided via the `.spec.additionalPeers` field. type: string clusterPeerTimeout: description: Timeout for cluster peering. @@ -1756,69 +1691,74 @@ spec: pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string configMaps: - description: ConfigMaps is a list of ConfigMaps in the same namespace - as the Alertmanager object, which shall be mounted into the Alertmanager - Pods. Each ConfigMap is added to the StatefulSet definition as a - volume named `configmap-`. The ConfigMaps are mounted - into `/etc/alertmanager/configmaps/` in the 'alertmanager' - container. + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Alertmanager + object, which shall be mounted into the Alertmanager Pods. + Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-`. + The ConfigMaps are mounted into `/etc/alertmanager/configmaps/` in the 'alertmanager' container. items: type: string type: array configSecret: - description: "ConfigSecret is the name of a Kubernetes Secret in the - same namespace as the Alertmanager object, which contains the configuration - for this Alertmanager instance. If empty, it defaults to `alertmanager-`. - \n The Alertmanager configuration should be available under the - `alertmanager.yaml` key. Additional keys from the original secret - are copied to the generated secret and mounted into the `/etc/alertmanager/config` - directory in the `alertmanager` container. \n If either the secret - or the `alertmanager.yaml` key is missing, the operator provisions - a minimal Alertmanager configuration with one empty receiver (effectively - dropping alert notifications)." + description: |- + ConfigSecret is the name of a Kubernetes Secret in the same namespace as the + Alertmanager object, which contains the configuration for this Alertmanager + instance. If empty, it defaults to `alertmanager-`. + + + The Alertmanager configuration should be available under the + `alertmanager.yaml` key. Additional keys from the original secret are + copied to the generated secret and mounted into the + `/etc/alertmanager/config` directory in the `alertmanager` container. + + + If either the secret or the `alertmanager.yaml` key is missing, the + operator provisions a minimal Alertmanager configuration with one empty + receiver (effectively dropping alert notifications). type: string containers: - description: 'Containers allows injecting additional containers. This - is meant to allow adding an authentication proxy to an Alertmanager - pod. Containers described here modify an operator generated container - if they share the same name and modifications are done via a strategic - merge patch. The current container names are: `alertmanager` and - `config-reloader`. Overriding containers is entirely outside the - scope of what the maintainers will support and by doing so, you - accept that this behaviour may break at any time without notice.' + description: |- + Containers allows injecting additional containers. This is meant to + allow adding an authentication proxy to an Alertmanager pod. + Containers described here modify an operator generated container if they + share the same name and modifications are done via a strategic merge + patch. The current container names are: `alertmanager` and + `config-reloader`. Overriding containers is entirely outside the scope + of what the maintainers will support and by doing so, you accept that + this behaviour may break at any time without notice. items: description: A single application container that you want to run within a pod. properties: args: - description: 'Arguments to the entrypoint. The container image''s - CMD is used if this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If a variable - cannot be resolved, the reference in the input string will - be unchanged. Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - produce the string literal "$(VAR_NAME)". Escaped references - will never be expanded, regardless of whether the variable - exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: |- + Arguments to the entrypoint. + The container image's CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell items: type: string type: array command: - description: 'Entrypoint array. Not executed within a shell. - The container image''s ENTRYPOINT is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the reference - in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: - i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether - the variable exists or not. Cannot be updated. More info: - https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: |- + Entrypoint array. Not executed within a shell. + The container image's ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell items: type: string type: array env: - description: List of environment variables to set in the container. + description: |- + List of environment variables to set in the container. Cannot be updated. items: description: EnvVar represents an environment variable present @@ -1829,16 +1769,16 @@ spec: a C_IDENTIFIER. type: string value: - description: 'Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in - the container and any service environment variables. - If a variable cannot be resolved, the reference in the - input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) - syntax: i.e. "$$(VAR_NAME)" will produce the string - literal "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable exists - or not. Defaults to "".' + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". type: string valueFrom: description: Source for the environment variable's value. @@ -1851,10 +1791,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or @@ -1865,11 +1805,9 @@ spec: type: object x-kubernetes-map-type: atomic fieldRef: - description: 'Selects a field of the pod: supports - metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: description: Version of the schema the FieldPath @@ -1884,11 +1822,9 @@ spec: type: object x-kubernetes-map-type: atomic resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: description: 'Container name: required for volumes, @@ -1918,10 +1854,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -1937,13 +1873,13 @@ spec: type: object type: array envFrom: - description: List of sources to populate environment variables - in the container. The keys defined within a source must be - a C_IDENTIFIER. All invalid keys will be reported as an event - when the container is starting. When a key exists in multiple - sources, the value associated with the last source will take - precedence. Values defined by an Env with a duplicate key - will take precedence. Cannot be updated. + description: |- + List of sources to populate environment variables in the container. + The keys defined within a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will take precedence. + Cannot be updated. items: description: EnvFromSource represents the source of a set of ConfigMaps @@ -1952,9 +1888,10 @@ spec: description: The ConfigMap to select from properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be @@ -1970,9 +1907,10 @@ spec: description: The Secret to select from properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -1982,40 +1920,42 @@ spec: type: object type: array image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management - to default or override container images in workload controllers - like Deployments and StatefulSets.' + description: |- + Container image name. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. type: string imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images type: string lifecycle: - description: Actions that the management system should take - in response to container lifecycle events. Cannot be updated. + description: |- + Actions that the management system should take in response to container lifecycle events. + Cannot be updated. properties: postStart: - description: 'PostStart is called immediately after a container - is created. If the handler fails, the container is terminated - and restarted according to its restart policy. Other management - of the container blocks until the hook completes. More - info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: |- + PostStart is called immediately after a container is created. If the handler fails, + the container is terminated and restarted according to its restart policy. + Other management of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array @@ -2024,9 +1964,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. @@ -2036,9 +1976,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -2055,13 +1995,15 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port @@ -2079,10 +2021,10 @@ spec: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward compatibility. - There are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler is specified. + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: description: 'Optional: Host name to connect to, @@ -2092,40 +2034,37 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object type: object preStop: - description: 'PreStop is called immediately before a container - is terminated due to an API request or management event - such as liveness/startup probe failure, preemption, resource - contention, etc. The handler is not called if the container - crashes or exits. The Pod''s termination grace period - countdown begins before the PreStop hook is executed. - Regardless of the outcome of the handler, the container - will eventually terminate within the Pod''s termination - grace period (unless delayed by finalizers). Other management - of the container blocks until the hook completes or until - the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: |- + PreStop is called immediately before a container is terminated due to an + API request or management event such as liveness/startup probe failure, + preemption, resource contention, etc. The handler is not called if the + container crashes or exits. The Pod's termination grace period countdown begins before the + PreStop hook is executed. Regardless of the outcome of the handler, the + container will eventually terminate within the Pod's termination grace + period (unless delayed by finalizers). Other management of the container blocks until the hook completes + or until the termination grace period is reached. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array @@ -2134,9 +2073,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. @@ -2146,9 +2085,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -2165,13 +2104,15 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port @@ -2189,10 +2130,10 @@ spec: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward compatibility. - There are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler is specified. + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: description: 'Optional: Host name to connect to, @@ -2202,9 +2143,10 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port @@ -2212,30 +2154,30 @@ spec: type: object type: object livenessProbe: - description: 'Periodic probe of container liveness. Container - will be restarted if the probe fails. Cannot be updated. More - info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Periodic probe of container liveness. + Container will be restarted if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -2247,10 +2189,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -2259,9 +2203,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. HTTP @@ -2271,9 +2215,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -2290,33 +2234,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the host. + description: |- + Scheme to use for connecting to the host. Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the probe. + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -2331,78 +2277,82 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object name: - description: Name of the container specified as a DNS_LABEL. + description: |- + Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. type: string ports: - description: List of ports to expose from the container. Not - specifying a port here DOES NOT prevent that port from being - exposed. Any port which is listening on the default "0.0.0.0" - address inside a container will be accessible from the network. - Modifying this array with strategic merge patch may corrupt - the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + description: |- + List of ports to expose from the container. Not specifying a port here + DOES NOT prevent that port from being exposed. Any port which is + listening on the default "0.0.0.0" address inside a container will be + accessible from the network. + Modifying this array with strategic merge patch may corrupt the data. + For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. items: description: ContainerPort represents a network port in a single container. properties: containerPort: - description: Number of port to expose on the pod's IP - address. This must be a valid port number, 0 < x < 65536. + description: |- + Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. format: int32 type: integer hostIP: description: What host IP to bind the external port to. type: string hostPort: - description: Number of port to expose on the host. If - specified, this must be a valid port number, 0 < x < - 65536. If HostNetwork is specified, this must match - ContainerPort. Most containers do not need this. + description: |- + Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. + Most containers do not need this. format: int32 type: integer name: - description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in a pod - must have a unique name. Name for the port that can - be referred to by services. + description: |- + If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + named port in a pod must have a unique name. Name for the port that can be + referred to by services. type: string protocol: default: TCP - description: Protocol for port. Must be UDP, TCP, or SCTP. + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". type: string required: @@ -2414,30 +2364,30 @@ spec: - protocol x-kubernetes-list-type: map readinessProbe: - description: 'Periodic probe of container service readiness. - Container will be removed from service endpoints if the probe - fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -2449,10 +2399,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -2461,9 +2413,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. HTTP @@ -2473,9 +2425,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -2492,33 +2444,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the host. + description: |- + Scheme to use for connecting to the host. Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the probe. + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -2533,34 +2487,33 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object @@ -2571,12 +2524,14 @@ spec: policy for the container. properties: resourceName: - description: 'Name of the resource to which this resource - resize policy applies. Supported values: cpu, memory.' + description: |- + Name of the resource to which this resource resize policy applies. + Supported values: cpu, memory. type: string restartPolicy: - description: Restart policy to apply when specified resource - is resized. If not specified, it defaults to NotRequired. + description: |- + Restart policy to apply when specified resource is resized. + If not specified, it defaults to NotRequired. type: string required: - resourceName @@ -2585,22 +2540,29 @@ spec: type: array x-kubernetes-list-type: atomic resources: - description: 'Compute Resources required by this container. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Compute Resources required by this container. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only - be set for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available inside a container. type: string required: @@ -2617,8 +2579,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -2627,52 +2590,52 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests - cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object restartPolicy: - description: 'RestartPolicy defines the restart behavior of - individual containers in a pod. This field may only be set - for init containers, and the only allowed value is "Always". + description: |- + RestartPolicy defines the restart behavior of individual containers in a pod. + This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, - the restart behavior is defined by the Pod''s restart policy - and the container type. Setting the RestartPolicy as "Always" - for the init container will have the following effect: this - init container will be continually restarted on exit until - all regular containers have terminated. Once all regular containers - have completed, all init containers with restartPolicy "Always" - will be shut down. This lifecycle differs from normal init - containers and is often referred to as a "sidecar" container. - Although this init container still starts in the init container - sequence, it does not wait for the container to complete before - proceeding to the next init container. Instead, the next init - container starts immediately after this init container is - started, or after any startupProbe has successfully completed.' + the restart behavior is defined by the Pod's restart policy and the container type. + Setting the RestartPolicy as "Always" for the init container will have the following effect: + this init container will be continually restarted on + exit until all regular containers have terminated. Once all regular + containers have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init containers and + is often referred to as a "sidecar" container. Although this init + container still starts in the init container sequence, it does not wait + for the container to complete before proceeding to the next init + container. Instead, the next init container starts immediately after this + init container is started, or after any startupProbe has successfully + completed. type: string securityContext: - description: 'SecurityContext defines the security options the - container should be run with. If set, the fields of SecurityContext - override the equivalent fields of PodSecurityContext. More - info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + description: |- + SecurityContext defines the security options the container should be run with. + If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ properties: allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether - a process can gain more privileges than its parent process. - This bool directly controls if the no_new_privs flag will - be set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run as Privileged - 2) has CAP_SYS_ADMIN Note that this field cannot be set - when spec.os.name is windows.' + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. type: boolean capabilities: - description: The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by - the container runtime. Note that this field cannot be - set when spec.os.name is windows. + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. properties: add: description: Added capabilities @@ -2690,60 +2653,60 @@ spec: type: array type: object privileged: - description: Run container in privileged mode. Processes - in privileged containers are essentially equivalent to - root on the host. Defaults to false. Note that this field - cannot be set when spec.os.name is windows. + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. type: boolean procMount: - description: procMount denotes the type of proc mount to - use for the containers. The default is DefaultProcMount - which uses the container runtime defaults for readonly - paths and masked paths. This requires the ProcMountType - feature flag to be enabled. Note that this field cannot - be set when spec.os.name is windows. + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. type: string readOnlyRootFilesystem: - description: Whether this container has a read-only root - filesystem. Default is false. Note that this field cannot - be set when spec.os.name is windows. + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. type: boolean runAsGroup: - description: The GID to run the entrypoint of the container - process. Uses runtime default if unset. May also be set - in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set when - spec.os.name is windows. + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer runAsNonRoot: - description: Indicates that the container must run as a - non-root user. If true, the Kubelet will validate the - image at runtime to ensure that it does not run as UID - 0 (root) and fail to start the container if it does. If - unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both - SecurityContext and PodSecurityContext, the value specified - in SecurityContext takes precedence. + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. type: boolean runAsUser: - description: The UID to run the entrypoint of the container - process. Defaults to user specified in image metadata - if unspecified. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. Note - that this field cannot be set when spec.os.name is windows. + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer seLinuxOptions: - description: The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a - random SELinux context for each container. May also be - set in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set when - spec.os.name is windows. + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. properties: level: description: Level is SELinux level label that applies @@ -2763,98 +2726,93 @@ spec: type: string type: object seccompProfile: - description: The seccomp options to use by this container. - If seccomp options are provided at both the pod & container - level, the container options override the pod options. - Note that this field cannot be set when spec.os.name is - windows. + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. properties: localhostProfile: - description: localhostProfile indicates a profile defined - in a file on the node should be used. The profile - must be preconfigured on the node to work. Must be - a descending path, relative to the kubelet's configured - seccomp profile location. Must be set if type is "Localhost". - Must NOT be set for any other type. + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. type: string type: - description: "type indicates which kind of seccomp profile - will be applied. Valid options are: \n Localhost - - a profile defined in a file on the node should be - used. RuntimeDefault - the container runtime default - profile should be used. Unconfined - no profile should - be applied." + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. type: string required: - type type: object windowsOptions: - description: The Windows specific settings applied to all - containers. If unspecified, the options from the PodSecurityContext - will be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is - linux. + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. properties: gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named - by the GMSACredentialSpecName field. + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. type: string gmsaCredentialSpecName: description: GMSACredentialSpecName is the name of the GMSA credential spec to use. type: string hostProcess: - description: HostProcess determines if a container should - be run as a 'Host Process' container. All of a Pod's - containers must have the same effective HostProcess - value (it is not allowed to have a mix of HostProcess - containers and non-HostProcess containers). In addition, - if HostProcess is true then HostNetwork must also - be set to true. + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. type: boolean runAsUserName: - description: The UserName in Windows to run the entrypoint - of the container process. Defaults to the user specified - in image metadata if unspecified. May also be set - in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. type: string type: object type: object startupProbe: - description: 'StartupProbe indicates that the Pod has successfully - initialized. If specified, no other probes are executed until - this completes successfully. If this probe fails, the Pod - will be restarted, just as if the livenessProbe failed. This - can be used to provide different probe parameters at the beginning - of a Pod''s lifecycle, when it might take a long time to load - data or warm a cache, than during steady-state operation. - This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + StartupProbe indicates that the Pod has successfully initialized. + If specified, no other probes are executed until this completes successfully. + If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + when it might take a long time to load data or warm a cache, than during steady-state operation. + This cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -2866,10 +2824,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -2878,9 +2838,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. HTTP @@ -2890,9 +2850,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -2909,33 +2869,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the host. + description: |- + Scheme to use for connecting to the host. Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the probe. + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -2950,77 +2912,76 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object stdin: - description: Whether this container should allocate a buffer - for stdin in the container runtime. If this is not set, reads - from stdin in the container will always result in EOF. Default - is false. + description: |- + Whether this container should allocate a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will always result in EOF. + Default is false. type: boolean stdinOnce: - description: Whether the container runtime should close the - stdin channel after it has been opened by a single attach. - When stdin is true the stdin stream will remain open across - multiple attach sessions. If stdinOnce is set to true, stdin - is opened on container start, is empty until the first client - attaches to stdin, and then remains open and accepts data - until the client disconnects, at which time stdin is closed - and remains closed until the container is restarted. If this - flag is false, a container processes that reads from stdin - will never receive an EOF. Default is false + description: |- + Whether the container runtime should close the stdin channel after it has been opened by + a single attach. When stdin is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + first client attaches to stdin, and then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin will never receive an EOF. + Default is false type: boolean terminationMessagePath: - description: 'Optional: Path at which the file to which the - container''s termination message will be written is mounted - into the container''s filesystem. Message written is intended - to be brief final status, such as an assertion failure message. - Will be truncated by the node if greater than 4096 bytes. - The total message length across all containers will be limited - to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + description: |- + Optional: Path at which the file to which the container's termination message + will be written is mounted into the container's filesystem. + Message written is intended to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. + Cannot be updated. type: string terminationMessagePolicy: - description: Indicate how the termination message should be - populated. File will use the contents of terminationMessagePath - to populate the container status message on both success and - failure. FallbackToLogsOnError will use the last chunk of - container log output if the termination message file is empty - and the container exited with an error. The log output is - limited to 2048 bytes or 80 lines, whichever is smaller. Defaults - to File. Cannot be updated. + description: |- + Indicate how the termination message should be populated. File will use the contents of + terminationMessagePath to populate the container status message on both success and failure. + FallbackToLogsOnError will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + Defaults to File. + Cannot be updated. type: string tty: - description: Whether this container should allocate a TTY for - itself, also requires 'stdin' to be true. Default is false. + description: |- + Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + Default is false. type: boolean volumeDevices: description: volumeDevices is the list of block devices to be @@ -3043,40 +3004,44 @@ spec: type: object type: array volumeMounts: - description: Pod volumes to mount into the container's filesystem. + description: |- + Pod volumes to mount into the container's filesystem. Cannot be updated. items: description: VolumeMount describes a mounting of a Volume within a container. properties: mountPath: - description: Path within the container at which the volume - should be mounted. Must not contain ':'. + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. type: string mountPropagation: - description: mountPropagation determines how mounts are - propagated from the host to container and the other - way around. When not set, MountPropagationNone is used. + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. This field is beta in 1.10. type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. type: boolean subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). type: string subPathExpr: - description: Expanded path within the volume from which - the container's volume should be mounted. Behaves similarly - to SubPath but environment variable references $(VAR_NAME) - are expanded using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath are mutually - exclusive. + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. type: string required: - mountPath @@ -3084,39 +3049,45 @@ spec: type: object type: array workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which might - be configured in the container image. Cannot be updated. + description: |- + Container's working directory. + If not specified, the container runtime's default will be used, which + might be configured in the container image. + Cannot be updated. type: string required: - name type: object type: array enableFeatures: - description: "Enable access to Alertmanager feature flags. By default, - no features are enabled. Enabling features which are disabled by - default is entirely outside the scope of what the maintainers will - support and by doing so, you accept that this behaviour may break - at any time without notice. \n It requires Alertmanager >= 0.27.0." + description: |- + Enable access to Alertmanager feature flags. By default, no features are enabled. + Enabling features which are disabled by default is entirely outside the + scope of what the maintainers will support and by doing so, you accept + that this behaviour may break at any time without notice. + + + It requires Alertmanager >= 0.27.0. items: type: string type: array externalUrl: - description: The external URL the Alertmanager instances will be available - under. This is necessary to generate correct URLs. This is necessary - if Alertmanager is not served from root of a DNS name. + description: |- + The external URL the Alertmanager instances will be available under. This is + necessary to generate correct URLs. This is necessary if Alertmanager is not + served from root of a DNS name. type: string forceEnableClusterMode: - description: ForceEnableClusterMode ensures Alertmanager does not - deactivate the cluster mode when running with a single replica. - Use case is e.g. spanning an Alertmanager cluster across Kubernetes - clusters with a single replica in each. + description: |- + ForceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica. + Use case is e.g. spanning an Alertmanager cluster across Kubernetes clusters with a single replica in each. type: boolean hostAliases: description: Pods' hostAliases configuration items: - description: HostAlias holds the mapping between IP and hostnames - that will be injected as an entry in the pod's hosts file. + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. properties: hostnames: description: Hostnames for the above IP address. @@ -3135,15 +3106,16 @@ spec: - ip x-kubernetes-list-type: map image: - description: Image if specified has precedence over baseImage, tag - and sha combinations. Specifying the version is still necessary - to ensure the Prometheus Operator knows what version of Alertmanager - is being configured. + description: |- + Image if specified has precedence over baseImage, tag and sha + combinations. Specifying the version is still necessary to ensure the + Prometheus Operator knows what version of Alertmanager is being + configured. type: string imagePullPolicy: - description: Image pull policy for the 'alertmanager', 'init-config-reloader' - and 'config-reloader' containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy - for more details. + description: |- + Image pull policy for the 'alertmanager', 'init-config-reloader' and 'config-reloader' containers. + See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. enum: - "" - Always @@ -3151,65 +3123,68 @@ spec: - IfNotPresent type: string imagePullSecrets: - description: An optional list of references to secrets in the same - namespace to use for pulling prometheus and alertmanager images - from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + description: |- + An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic type: array initContainers: - description: 'InitContainers allows adding initContainers to the pod - definition. Those can be used to e.g. fetch secrets for injection - into the Alertmanager configuration from external sources. Any errors - during the execution of an initContainer will lead to a restart - of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - InitContainers described here modify an operator generated init - containers if they share the same name and modifications are done - via a strategic merge patch. The current init container name is: - `init-config-reloader`. Overriding init containers is entirely outside - the scope of what the maintainers will support and by doing so, - you accept that this behaviour may break at any time without notice.' + description: |- + InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. + fetch secrets for injection into the Alertmanager configuration from external sources. Any + errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + InitContainers described here modify an operator + generated init containers if they share the same name and modifications are + done via a strategic merge patch. The current init container name is: + `init-config-reloader`. Overriding init containers is entirely outside the + scope of what the maintainers will support and by doing so, you accept that + this behaviour may break at any time without notice. items: description: A single application container that you want to run within a pod. properties: args: - description: 'Arguments to the entrypoint. The container image''s - CMD is used if this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If a variable - cannot be resolved, the reference in the input string will - be unchanged. Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - produce the string literal "$(VAR_NAME)". Escaped references - will never be expanded, regardless of whether the variable - exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: |- + Arguments to the entrypoint. + The container image's CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell items: type: string type: array command: - description: 'Entrypoint array. Not executed within a shell. - The container image''s ENTRYPOINT is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the reference - in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: - i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether - the variable exists or not. Cannot be updated. More info: - https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: |- + Entrypoint array. Not executed within a shell. + The container image's ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell items: type: string type: array env: - description: List of environment variables to set in the container. + description: |- + List of environment variables to set in the container. Cannot be updated. items: description: EnvVar represents an environment variable present @@ -3220,16 +3195,16 @@ spec: a C_IDENTIFIER. type: string value: - description: 'Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in - the container and any service environment variables. - If a variable cannot be resolved, the reference in the - input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) - syntax: i.e. "$$(VAR_NAME)" will produce the string - literal "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable exists - or not. Defaults to "".' + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". type: string valueFrom: description: Source for the environment variable's value. @@ -3242,10 +3217,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or @@ -3256,11 +3231,9 @@ spec: type: object x-kubernetes-map-type: atomic fieldRef: - description: 'Selects a field of the pod: supports - metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: description: Version of the schema the FieldPath @@ -3275,11 +3248,9 @@ spec: type: object x-kubernetes-map-type: atomic resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: description: 'Container name: required for volumes, @@ -3309,10 +3280,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -3328,13 +3299,13 @@ spec: type: object type: array envFrom: - description: List of sources to populate environment variables - in the container. The keys defined within a source must be - a C_IDENTIFIER. All invalid keys will be reported as an event - when the container is starting. When a key exists in multiple - sources, the value associated with the last source will take - precedence. Values defined by an Env with a duplicate key - will take precedence. Cannot be updated. + description: |- + List of sources to populate environment variables in the container. + The keys defined within a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will take precedence. + Cannot be updated. items: description: EnvFromSource represents the source of a set of ConfigMaps @@ -3343,9 +3314,10 @@ spec: description: The ConfigMap to select from properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be @@ -3361,9 +3333,10 @@ spec: description: The Secret to select from properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -3373,40 +3346,42 @@ spec: type: object type: array image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management - to default or override container images in workload controllers - like Deployments and StatefulSets.' + description: |- + Container image name. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. type: string imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images type: string lifecycle: - description: Actions that the management system should take - in response to container lifecycle events. Cannot be updated. + description: |- + Actions that the management system should take in response to container lifecycle events. + Cannot be updated. properties: postStart: - description: 'PostStart is called immediately after a container - is created. If the handler fails, the container is terminated - and restarted according to its restart policy. Other management - of the container blocks until the hook completes. More - info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: |- + PostStart is called immediately after a container is created. If the handler fails, + the container is terminated and restarted according to its restart policy. + Other management of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array @@ -3415,9 +3390,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. @@ -3427,9 +3402,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -3446,13 +3421,15 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port @@ -3470,10 +3447,10 @@ spec: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward compatibility. - There are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler is specified. + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: description: 'Optional: Host name to connect to, @@ -3483,40 +3460,37 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object type: object preStop: - description: 'PreStop is called immediately before a container - is terminated due to an API request or management event - such as liveness/startup probe failure, preemption, resource - contention, etc. The handler is not called if the container - crashes or exits. The Pod''s termination grace period - countdown begins before the PreStop hook is executed. - Regardless of the outcome of the handler, the container - will eventually terminate within the Pod''s termination - grace period (unless delayed by finalizers). Other management - of the container blocks until the hook completes or until - the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: |- + PreStop is called immediately before a container is terminated due to an + API request or management event such as liveness/startup probe failure, + preemption, resource contention, etc. The handler is not called if the + container crashes or exits. The Pod's termination grace period countdown begins before the + PreStop hook is executed. Regardless of the outcome of the handler, the + container will eventually terminate within the Pod's termination grace + period (unless delayed by finalizers). Other management of the container blocks until the hook completes + or until the termination grace period is reached. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array @@ -3525,9 +3499,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. @@ -3537,9 +3511,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -3556,13 +3530,15 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port @@ -3580,10 +3556,10 @@ spec: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward compatibility. - There are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler is specified. + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: description: 'Optional: Host name to connect to, @@ -3593,9 +3569,10 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port @@ -3603,30 +3580,30 @@ spec: type: object type: object livenessProbe: - description: 'Periodic probe of container liveness. Container - will be restarted if the probe fails. Cannot be updated. More - info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Periodic probe of container liveness. + Container will be restarted if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -3638,10 +3615,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -3650,9 +3629,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. HTTP @@ -3662,9 +3641,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -3681,33 +3660,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the host. + description: |- + Scheme to use for connecting to the host. Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the probe. + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -3722,78 +3703,82 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object name: - description: Name of the container specified as a DNS_LABEL. + description: |- + Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. type: string ports: - description: List of ports to expose from the container. Not - specifying a port here DOES NOT prevent that port from being - exposed. Any port which is listening on the default "0.0.0.0" - address inside a container will be accessible from the network. - Modifying this array with strategic merge patch may corrupt - the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + description: |- + List of ports to expose from the container. Not specifying a port here + DOES NOT prevent that port from being exposed. Any port which is + listening on the default "0.0.0.0" address inside a container will be + accessible from the network. + Modifying this array with strategic merge patch may corrupt the data. + For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. items: description: ContainerPort represents a network port in a single container. properties: containerPort: - description: Number of port to expose on the pod's IP - address. This must be a valid port number, 0 < x < 65536. + description: |- + Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. format: int32 type: integer hostIP: description: What host IP to bind the external port to. type: string hostPort: - description: Number of port to expose on the host. If - specified, this must be a valid port number, 0 < x < - 65536. If HostNetwork is specified, this must match - ContainerPort. Most containers do not need this. + description: |- + Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. + Most containers do not need this. format: int32 type: integer name: - description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in a pod - must have a unique name. Name for the port that can - be referred to by services. + description: |- + If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + named port in a pod must have a unique name. Name for the port that can be + referred to by services. type: string protocol: default: TCP - description: Protocol for port. Must be UDP, TCP, or SCTP. + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". type: string required: @@ -3805,30 +3790,30 @@ spec: - protocol x-kubernetes-list-type: map readinessProbe: - description: 'Periodic probe of container service readiness. - Container will be removed from service endpoints if the probe - fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -3840,10 +3825,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -3852,9 +3839,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. HTTP @@ -3864,9 +3851,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -3883,33 +3870,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the host. + description: |- + Scheme to use for connecting to the host. Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the probe. + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -3924,34 +3913,33 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object @@ -3962,12 +3950,14 @@ spec: policy for the container. properties: resourceName: - description: 'Name of the resource to which this resource - resize policy applies. Supported values: cpu, memory.' + description: |- + Name of the resource to which this resource resize policy applies. + Supported values: cpu, memory. type: string restartPolicy: - description: Restart policy to apply when specified resource - is resized. If not specified, it defaults to NotRequired. + description: |- + Restart policy to apply when specified resource is resized. + If not specified, it defaults to NotRequired. type: string required: - resourceName @@ -3976,22 +3966,29 @@ spec: type: array x-kubernetes-list-type: atomic resources: - description: 'Compute Resources required by this container. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Compute Resources required by this container. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only - be set for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available inside a container. type: string required: @@ -4008,8 +4005,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -4018,52 +4016,52 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests - cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object restartPolicy: - description: 'RestartPolicy defines the restart behavior of - individual containers in a pod. This field may only be set - for init containers, and the only allowed value is "Always". + description: |- + RestartPolicy defines the restart behavior of individual containers in a pod. + This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, - the restart behavior is defined by the Pod''s restart policy - and the container type. Setting the RestartPolicy as "Always" - for the init container will have the following effect: this - init container will be continually restarted on exit until - all regular containers have terminated. Once all regular containers - have completed, all init containers with restartPolicy "Always" - will be shut down. This lifecycle differs from normal init - containers and is often referred to as a "sidecar" container. - Although this init container still starts in the init container - sequence, it does not wait for the container to complete before - proceeding to the next init container. Instead, the next init - container starts immediately after this init container is - started, or after any startupProbe has successfully completed.' + the restart behavior is defined by the Pod's restart policy and the container type. + Setting the RestartPolicy as "Always" for the init container will have the following effect: + this init container will be continually restarted on + exit until all regular containers have terminated. Once all regular + containers have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init containers and + is often referred to as a "sidecar" container. Although this init + container still starts in the init container sequence, it does not wait + for the container to complete before proceeding to the next init + container. Instead, the next init container starts immediately after this + init container is started, or after any startupProbe has successfully + completed. type: string securityContext: - description: 'SecurityContext defines the security options the - container should be run with. If set, the fields of SecurityContext - override the equivalent fields of PodSecurityContext. More - info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + description: |- + SecurityContext defines the security options the container should be run with. + If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ properties: allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether - a process can gain more privileges than its parent process. - This bool directly controls if the no_new_privs flag will - be set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run as Privileged - 2) has CAP_SYS_ADMIN Note that this field cannot be set - when spec.os.name is windows.' + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. type: boolean capabilities: - description: The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by - the container runtime. Note that this field cannot be - set when spec.os.name is windows. + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. properties: add: description: Added capabilities @@ -4081,60 +4079,60 @@ spec: type: array type: object privileged: - description: Run container in privileged mode. Processes - in privileged containers are essentially equivalent to - root on the host. Defaults to false. Note that this field - cannot be set when spec.os.name is windows. + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. type: boolean procMount: - description: procMount denotes the type of proc mount to - use for the containers. The default is DefaultProcMount - which uses the container runtime defaults for readonly - paths and masked paths. This requires the ProcMountType - feature flag to be enabled. Note that this field cannot - be set when spec.os.name is windows. + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. type: string readOnlyRootFilesystem: - description: Whether this container has a read-only root - filesystem. Default is false. Note that this field cannot - be set when spec.os.name is windows. + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. type: boolean runAsGroup: - description: The GID to run the entrypoint of the container - process. Uses runtime default if unset. May also be set - in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set when - spec.os.name is windows. + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer runAsNonRoot: - description: Indicates that the container must run as a - non-root user. If true, the Kubelet will validate the - image at runtime to ensure that it does not run as UID - 0 (root) and fail to start the container if it does. If - unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both - SecurityContext and PodSecurityContext, the value specified - in SecurityContext takes precedence. + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. type: boolean runAsUser: - description: The UID to run the entrypoint of the container - process. Defaults to user specified in image metadata - if unspecified. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. Note - that this field cannot be set when spec.os.name is windows. + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer seLinuxOptions: - description: The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a - random SELinux context for each container. May also be - set in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set when - spec.os.name is windows. + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. properties: level: description: Level is SELinux level label that applies @@ -4154,98 +4152,93 @@ spec: type: string type: object seccompProfile: - description: The seccomp options to use by this container. - If seccomp options are provided at both the pod & container - level, the container options override the pod options. - Note that this field cannot be set when spec.os.name is - windows. + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. properties: localhostProfile: - description: localhostProfile indicates a profile defined - in a file on the node should be used. The profile - must be preconfigured on the node to work. Must be - a descending path, relative to the kubelet's configured - seccomp profile location. Must be set if type is "Localhost". - Must NOT be set for any other type. + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. type: string type: - description: "type indicates which kind of seccomp profile - will be applied. Valid options are: \n Localhost - - a profile defined in a file on the node should be - used. RuntimeDefault - the container runtime default - profile should be used. Unconfined - no profile should - be applied." + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. type: string required: - type type: object windowsOptions: - description: The Windows specific settings applied to all - containers. If unspecified, the options from the PodSecurityContext - will be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is - linux. + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. properties: gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named - by the GMSACredentialSpecName field. + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. type: string gmsaCredentialSpecName: description: GMSACredentialSpecName is the name of the GMSA credential spec to use. type: string hostProcess: - description: HostProcess determines if a container should - be run as a 'Host Process' container. All of a Pod's - containers must have the same effective HostProcess - value (it is not allowed to have a mix of HostProcess - containers and non-HostProcess containers). In addition, - if HostProcess is true then HostNetwork must also - be set to true. + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. type: boolean runAsUserName: - description: The UserName in Windows to run the entrypoint - of the container process. Defaults to the user specified - in image metadata if unspecified. May also be set - in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. type: string type: object type: object startupProbe: - description: 'StartupProbe indicates that the Pod has successfully - initialized. If specified, no other probes are executed until - this completes successfully. If this probe fails, the Pod - will be restarted, just as if the livenessProbe failed. This - can be used to provide different probe parameters at the beginning - of a Pod''s lifecycle, when it might take a long time to load - data or warm a cache, than during steady-state operation. - This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + StartupProbe indicates that the Pod has successfully initialized. + If specified, no other probes are executed until this completes successfully. + If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + when it might take a long time to load data or warm a cache, than during steady-state operation. + This cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -4257,10 +4250,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -4269,9 +4264,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. HTTP @@ -4281,9 +4276,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -4300,33 +4295,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the host. + description: |- + Scheme to use for connecting to the host. Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the probe. + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -4341,77 +4338,76 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object stdin: - description: Whether this container should allocate a buffer - for stdin in the container runtime. If this is not set, reads - from stdin in the container will always result in EOF. Default - is false. + description: |- + Whether this container should allocate a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will always result in EOF. + Default is false. type: boolean stdinOnce: - description: Whether the container runtime should close the - stdin channel after it has been opened by a single attach. - When stdin is true the stdin stream will remain open across - multiple attach sessions. If stdinOnce is set to true, stdin - is opened on container start, is empty until the first client - attaches to stdin, and then remains open and accepts data - until the client disconnects, at which time stdin is closed - and remains closed until the container is restarted. If this - flag is false, a container processes that reads from stdin - will never receive an EOF. Default is false + description: |- + Whether the container runtime should close the stdin channel after it has been opened by + a single attach. When stdin is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + first client attaches to stdin, and then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin will never receive an EOF. + Default is false type: boolean terminationMessagePath: - description: 'Optional: Path at which the file to which the - container''s termination message will be written is mounted - into the container''s filesystem. Message written is intended - to be brief final status, such as an assertion failure message. - Will be truncated by the node if greater than 4096 bytes. - The total message length across all containers will be limited - to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + description: |- + Optional: Path at which the file to which the container's termination message + will be written is mounted into the container's filesystem. + Message written is intended to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. + Cannot be updated. type: string terminationMessagePolicy: - description: Indicate how the termination message should be - populated. File will use the contents of terminationMessagePath - to populate the container status message on both success and - failure. FallbackToLogsOnError will use the last chunk of - container log output if the termination message file is empty - and the container exited with an error. The log output is - limited to 2048 bytes or 80 lines, whichever is smaller. Defaults - to File. Cannot be updated. + description: |- + Indicate how the termination message should be populated. File will use the contents of + terminationMessagePath to populate the container status message on both success and failure. + FallbackToLogsOnError will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + Defaults to File. + Cannot be updated. type: string tty: - description: Whether this container should allocate a TTY for - itself, also requires 'stdin' to be true. Default is false. + description: |- + Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + Default is false. type: boolean volumeDevices: description: volumeDevices is the list of block devices to be @@ -4434,40 +4430,44 @@ spec: type: object type: array volumeMounts: - description: Pod volumes to mount into the container's filesystem. + description: |- + Pod volumes to mount into the container's filesystem. Cannot be updated. items: description: VolumeMount describes a mounting of a Volume within a container. properties: mountPath: - description: Path within the container at which the volume - should be mounted. Must not contain ':'. + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. type: string mountPropagation: - description: mountPropagation determines how mounts are - propagated from the host to container and the other - way around. When not set, MountPropagationNone is used. + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. This field is beta in 1.10. type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. type: boolean subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). type: string subPathExpr: - description: Expanded path within the volume from which - the container's volume should be mounted. Behaves similarly - to SubPath but environment variable references $(VAR_NAME) - are expanded using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath are mutually - exclusive. + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. type: string required: - mountPath @@ -4475,18 +4475,21 @@ spec: type: object type: array workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which might - be configured in the container image. Cannot be updated. + description: |- + Container's working directory. + If not specified, the container runtime's default will be used, which + might be configured in the container image. + Cannot be updated. type: string required: - name type: object type: array listenLocal: - description: ListenLocal makes the Alertmanager server listen on loopback, - so that it does not bind against the Pod IP. Note this is only for - the Alertmanager UI, not the gossip communication. + description: |- + ListenLocal makes the Alertmanager server listen on loopback, so that it + does not bind against the Pod IP. Note this is only for the Alertmanager + UI, not the gossip communication. type: boolean logFormat: description: Log format for Alertmanager to be configured with. @@ -4505,12 +4508,11 @@ spec: - error type: string minReadySeconds: - description: Minimum number of seconds for which a newly created pod - should be ready without any of its container crashing for it to - be considered available. Defaults to 0 (pod will be considered available - as soon as it is ready) This is an alpha field from kubernetes 1.22 - until 1.24 which requires enabling the StatefulSetMinReadySeconds - feature gate. + description: |- + Minimum number of seconds for which a newly created pod should be ready + without any of its container crashing for it to be considered available. + Defaults to 0 (pod will be considered available as soon as it is ready) + This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate. format: int32 type: integer nodeSelector: @@ -4519,74 +4521,89 @@ spec: description: Define which Nodes the Pods are scheduled on. type: object paused: - description: If set to true all actions on the underlying managed - objects are not goint to be performed, except for delete actions. + description: |- + If set to true all actions on the underlying managed objects are not + goint to be performed, except for delete actions. type: boolean podMetadata: - description: "PodMetadata configures labels and annotations which - are propagated to the Alertmanager pods. \n The following items - are reserved and cannot be overridden: * \"alertmanager\" label, - set to the name of the Alertmanager instance. * \"app.kubernetes.io/instance\" - label, set to the name of the Alertmanager instance. * \"app.kubernetes.io/managed-by\" - label, set to \"prometheus-operator\". * \"app.kubernetes.io/name\" - label, set to \"alertmanager\". * \"app.kubernetes.io/version\" - label, set to the Alertmanager version. * \"kubectl.kubernetes.io/default-container\" - annotation, set to \"alertmanager\"." + description: |- + PodMetadata configures labels and annotations which are propagated to the Alertmanager pods. + + + The following items are reserved and cannot be overridden: + * "alertmanager" label, set to the name of the Alertmanager instance. + * "app.kubernetes.io/instance" label, set to the name of the Alertmanager instance. + * "app.kubernetes.io/managed-by" label, set to "prometheus-operator". + * "app.kubernetes.io/name" label, set to "alertmanager". + * "app.kubernetes.io/version" label, set to the Alertmanager version. + * "kubectl.kubernetes.io/default-container" annotation, set to "alertmanager". properties: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value map stored - with a resource that may be set by external tools to store and - retrieve arbitrary metadata. They are not queryable and should - be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be used to - organize and categorize (scope and select) objects. May match - selectors of replication controllers and services. More info: - http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object name: - description: 'Name must be unique within a namespace. Is required - when creating resources, although some resources may allow a - client to request the generation of an appropriate name automatically. - Name is primarily intended for creation idempotence and configuration - definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names type: string type: object portName: default: web - description: Port name used for the pods and governing service. Defaults - to `web`. + description: |- + Port name used for the pods and governing service. + Defaults to `web`. type: string priorityClassName: description: Priority class assigned to the Pods type: string replicas: - description: Size is the expected size of the alertmanager cluster. - The controller will eventually make the size of the running cluster - equal to the expected size. + description: |- + Size is the expected size of the alertmanager cluster. The controller will + eventually make the size of the running cluster equal to the expected + size. format: int32 type: integer resources: description: Define resources requests and limits for single Pods. properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only be set - for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. type: string required: - name @@ -4602,8 +4619,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -4612,94 +4630,103 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object retention: default: 120h - description: Time duration Alertmanager shall retain data for. Default - is '120h', and must match the regular expression `[0-9]+(ms|s|m|h)` - (milliseconds seconds minutes hours). + description: |- + Time duration Alertmanager shall retain data for. Default is '120h', + and must match the regular expression `[0-9]+(ms|s|m|h)` (milliseconds seconds minutes hours). pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string routePrefix: - description: The route prefix Alertmanager registers HTTP handlers - for. This is useful, if using ExternalURL and a proxy is rewriting - HTTP routes of a request, and the actual ExternalURL is still true, - but the server serves requests under a different route prefix. For - example for use with `kubectl proxy`. + description: |- + The route prefix Alertmanager registers HTTP handlers for. This is useful, + if using ExternalURL and a proxy is rewriting HTTP routes of a request, + and the actual ExternalURL is still true, but the server serves requests + under a different route prefix. For example for use with `kubectl proxy`. type: string secrets: - description: Secrets is a list of Secrets in the same namespace as - the Alertmanager object, which shall be mounted into the Alertmanager - Pods. Each Secret is added to the StatefulSet definition as a volume - named `secret-`. The Secrets are mounted into `/etc/alertmanager/secrets/` - in the 'alertmanager' container. + description: |- + Secrets is a list of Secrets in the same namespace as the Alertmanager + object, which shall be mounted into the Alertmanager Pods. + Each Secret is added to the StatefulSet definition as a volume named `secret-`. + The Secrets are mounted into `/etc/alertmanager/secrets/` in the 'alertmanager' container. items: type: string type: array securityContext: - description: SecurityContext holds pod-level security attributes and - common container settings. This defaults to the default PodSecurityContext. + description: |- + SecurityContext holds pod-level security attributes and common container settings. + This defaults to the default PodSecurityContext. properties: fsGroup: - description: "A special supplemental group that applies to all - containers in a pod. Some volume types allow the Kubelet to - change the ownership of that volume to be owned by the pod: - \n 1. The owning GID will be the FSGroup 2. The setgid bit is - set (new files created in the volume will be owned by FSGroup) - 3. The permission bits are OR'd with rw-rw---- \n If unset, - the Kubelet will not modify the ownership and permissions of - any volume. Note that this field cannot be set when spec.os.name - is windows." + description: |- + A special supplemental group that applies to all containers in a pod. + Some volume types allow the Kubelet to change the ownership of that volume + to be owned by the pod: + + + 1. The owning GID will be the FSGroup + 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + 3. The permission bits are OR'd with rw-rw---- + + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer fsGroupChangePolicy: - description: 'fsGroupChangePolicy defines behavior of changing - ownership and permission of the volume before being exposed - inside Pod. This field will only apply to volume types which - support fsGroup based ownership(and permissions). It will have - no effect on ephemeral volume types such as: secret, configmaps - and emptydir. Valid values are "OnRootMismatch" and "Always". - If not specified, "Always" is used. Note that this field cannot - be set when spec.os.name is windows.' + description: |- + fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + before being exposed inside Pod. This field will only apply to + volume types which support fsGroup based ownership(and permissions). + It will have no effect on ephemeral volume types such as: secret, configmaps + and emptydir. + Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + Note that this field cannot be set when spec.os.name is windows. type: string runAsGroup: - description: The GID to run the entrypoint of the container process. - Uses runtime default if unset. May also be set in SecurityContext. If - set in both SecurityContext and PodSecurityContext, the value - specified in SecurityContext takes precedence for that container. + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in SecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence + for that container. Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer runAsNonRoot: - description: Indicates that the container must run as a non-root - user. If true, the Kubelet will validate the image at runtime - to ensure that it does not run as UID 0 (root) and fail to start - the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified - in SecurityContext takes precedence. + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in SecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. type: boolean runAsUser: - description: The UID to run the entrypoint of the container process. + description: |- + The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. - May also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. Note that this field cannot - be set when spec.os.name is windows. + May also be set in SecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence + for that container. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer seLinuxOptions: - description: The SELinux context to be applied to all containers. - If unspecified, the container runtime will allocate a random - SELinux context for each container. May also be set in SecurityContext. If - set in both SecurityContext and PodSecurityContext, the value - specified in SecurityContext takes precedence for that container. + description: |- + The SELinux context to be applied to all containers. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in SecurityContext. If set in + both SecurityContext and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. properties: level: @@ -4720,47 +4747,48 @@ spec: type: string type: object seccompProfile: - description: The seccomp options to use by the containers in this - pod. Note that this field cannot be set when spec.os.name is - windows. + description: |- + The seccomp options to use by the containers in this pod. + Note that this field cannot be set when spec.os.name is windows. properties: localhostProfile: - description: localhostProfile indicates a profile defined - in a file on the node should be used. The profile must be - preconfigured on the node to work. Must be a descending - path, relative to the kubelet's configured seccomp profile - location. Must be set if type is "Localhost". Must NOT be - set for any other type. + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. type: string type: - description: "type indicates which kind of seccomp profile - will be applied. Valid options are: \n Localhost - a profile - defined in a file on the node should be used. RuntimeDefault - - the container runtime default profile should be used. - Unconfined - no profile should be applied." + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. type: string required: - type type: object supplementalGroups: - description: A list of groups applied to the first process run - in each container, in addition to the container's primary GID, - the fsGroup (if specified), and group memberships defined in - the container image for the uid of the container process. If - unspecified, no additional groups are added to any container. - Note that group memberships defined in the container image for - the uid of the container process are still effective, even if - they are not included in this list. Note that this field cannot - be set when spec.os.name is windows. + description: |- + A list of groups applied to the first process run in each container, in addition + to the container's primary GID, the fsGroup (if specified), and group memberships + defined in the container image for the uid of the container process. If unspecified, + no additional groups are added to any container. Note that group memberships + defined in the container image for the uid of the container process are still effective, + even if they are not included in this list. + Note that this field cannot be set when spec.os.name is windows. items: format: int64 type: integer type: array sysctls: - description: Sysctls hold a list of namespaced sysctls used for - the pod. Pods with unsupported sysctls (by the container runtime) - might fail to launch. Note that this field cannot be set when - spec.os.name is windows. + description: |- + Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + sysctls (by the container runtime) might fail to launch. + Note that this field cannot be set when spec.os.name is windows. items: description: Sysctl defines a kernel parameter to be set properties: @@ -4776,146 +4804,156 @@ spec: type: object type: array windowsOptions: - description: The Windows specific settings applied to all containers. - If unspecified, the options within a container's SecurityContext - will be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. Note - that this field cannot be set when spec.os.name is linux. + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options within a container's SecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. properties: gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named by - the GMSACredentialSpecName field. + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. type: string gmsaCredentialSpecName: description: GMSACredentialSpecName is the name of the GMSA credential spec to use. type: string hostProcess: - description: HostProcess determines if a container should - be run as a 'Host Process' container. All of a Pod's containers - must have the same effective HostProcess value (it is not - allowed to have a mix of HostProcess containers and non-HostProcess - containers). In addition, if HostProcess is true then HostNetwork - must also be set to true. + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. type: boolean runAsUserName: - description: The UserName in Windows to run the entrypoint - of the container process. Defaults to the user specified - in image metadata if unspecified. May also be set in PodSecurityContext. - If set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. type: string type: object type: object serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount - to use to run the Prometheus Pods. + description: |- + ServiceAccountName is the name of the ServiceAccount to use to run the + Prometheus Pods. type: string sha: - description: 'SHA of Alertmanager container image to be deployed. - Defaults to the value of `version`. Similar to a tag, but the SHA - explicitly deploys an immutable container image. Version and Tag - are ignored if SHA is set. Deprecated: use ''image'' instead. The - image digest can be specified as part of the image URL.' + description: |- + SHA of Alertmanager container image to be deployed. Defaults to the value of `version`. + Similar to a tag, but the SHA explicitly deploys an immutable container image. + Version and Tag are ignored if SHA is set. + Deprecated: use 'image' instead. The image digest can be specified as part of the image URL. type: string storage: - description: Storage is the definition of how storage will be used - by the Alertmanager instances. + description: |- + Storage is the definition of how storage will be used by the Alertmanager + instances. properties: disableMountSubPath: description: 'Deprecated: subPath usage will be removed in a future release.' type: boolean emptyDir: - description: 'EmptyDirVolumeSource to be used by the StatefulSet. + description: |- + EmptyDirVolumeSource to be used by the StatefulSet. If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`. - More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' + More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir properties: medium: - description: 'medium represents what type of storage medium - should back this directory. The default is "" which means - to use the node''s default medium. Must be an empty string - (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local storage - required for this EmptyDir volume. The size limit is also - applicable for memory medium. The maximum usage on memory - medium EmptyDir would be the minimum value between the SizeLimit - specified here and the sum of memory limits of all containers - in a pod. The default is nil which means that the limit - is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: 'EphemeralVolumeSource to be used by the StatefulSet. - This is a beta field in k8s 1.21 and GA in 1.15. For lower versions, - starting with k8s 1.19, it requires enabling the GenericEphemeralVolume - feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes' + description: |- + EphemeralVolumeSource to be used by the StatefulSet. + This is a beta field in k8s 1.21 and GA in 1.15. + For lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. + More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to - provision the volume. The pod in which this EphemeralVolumeSource - is embedded will be the owner of the PVC, i.e. the PVC will - be deleted together with the pod. The name of the PVC will - be `-` where `` is the - name from the `PodSpec.Volumes` array entry. Pod validation - will reject the pod if the concatenated name is not valid - for a PVC (for example, too long). \n An existing PVC with - that name that is not owned by the pod will *not* be used - for the pod to avoid using an unrelated volume by mistake. - Starting the pod is then blocked until the unrelated PVC - is removed. If such a pre-created PVC is meant to be used - by the pod, the PVC has to updated with an owner reference - to the pod once the pod exists. Normally this should not - be necessary, but it may be useful when manually reconstructing - a broken cluster. \n This field is read-only and no changes - will be made by Kubernetes to the PVC after it has been - created. \n Required, must not be nil." + description: |- + Will be used to create a stand-alone PVC to provision the volume. + The pod in which this EphemeralVolumeSource is embedded will be the + owner of the PVC, i.e. the PVC will be deleted together with the + pod. The name of the PVC will be `-` where + `` is the name from the `PodSpec.Volumes` array + entry. Pod validation will reject the pod if the concatenated name + is not valid for a PVC (for example, too long). + + + An existing PVC with that name that is not owned by the pod + will *not* be used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created PVC is + meant to be used by the pod, the PVC has to updated with an + owner reference to the pod once the pod exists. Normally + this should not be necessary, but it may be useful when + manually reconstructing a broken cluster. + + + This field is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. + + + Required, must not be nil. properties: metadata: - description: May contain labels and annotations that will - be copied into the PVC when creating it. No other fields - are allowed and will be rejected during validation. + description: |- + May contain labels and annotations that will be copied into the PVC + when creating it. No other fields are allowed and will be rejected during + validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into the PVC - that gets created from this template. The same fields - as in a PersistentVolumeClaim are also valid here. + description: |- + The specification for the PersistentVolumeClaim. The entire content is + copied unchanged into the PVC that gets created from this + template. The same fields as in a PersistentVolumeClaim + are also valid here. properties: accessModes: - description: 'accessModes contains the desired access - modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 items: type: string type: array dataSource: - description: 'dataSource field can be used to specify - either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) If the - provisioner or an external controller can support - the specified data source, it will create a new - volume based on the contents of the specified data - source. When the AnyVolumeDataSource feature gate - is enabled, dataSource contents will be copied to - dataSourceRef, and dataSourceRef contents will be - copied to dataSource when dataSourceRef.namespace - is not specified. If the namespace is specified, - then dataSourceRef will not be copied to dataSource.' + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. properties: apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API group. - For any other third-party types, APIGroup is - required. + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being @@ -4931,42 +4969,36 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the object from - which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a - non-empty API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, volume binding - will only succeed if the type of the specified object - matches some installed volume populator or dynamic - provisioner. This field will replace the functionality - of the dataSource field and as such if both fields - are non-empty, they must have the same value. For - backwards compatibility, when namespace isn''t specified - in dataSourceRef, both fields (dataSource and dataSourceRef) - will be set to the same value automatically if one - of them is empty and the other is non-empty. When - namespace is specified in dataSourceRef, dataSource - isn''t set to the same value and must be empty. - There are three important differences between dataSource - and dataSourceRef: * While dataSource only allows - two specific types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores disallowed values - (dropping them), dataSourceRef preserves all values, - and generates an error if a disallowed value is - specified. * While dataSource only allows local - objects, dataSourceRef allows objects in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using the namespace - field of dataSourceRef requires the CrossNamespaceVolumeDataSource - feature gate to be enabled.' + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. properties: apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API group. - For any other third-party types, APIGroup is - required. + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being @@ -4977,27 +5009,22 @@ spec: referenced type: string namespace: - description: Namespace is the namespace of resource - being referenced Note that when a namespace - is specified, a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept the - reference. See the ReferenceGrant documentation - for details. (Alpha) This field requires the - CrossNamespaceVolumeDataSource feature gate - to be enabled. + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum resources - the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to specify - resource requirements that are lower than previous - value but must still be higher than capacity recorded - in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources properties: limits: additionalProperties: @@ -5006,8 +5033,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -5016,12 +5044,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is - omitted for a container, it defaults to Limits - if that is explicitly specified, otherwise to - an implementation-defined value. Requests cannot - exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object selector: @@ -5033,26 +5060,25 @@ spec: selector requirements. The requirements are ANDed. items: - description: A label selector requirement is - a selector that contains values, a key, and - an operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If - the operator is Exists or DoesNotExist, - the values array must be empty. This array - is replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -5064,44 +5090,37 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". - The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name of the - StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 type: string volumeAttributesClassName: - description: 'volumeAttributesClassName may be used - to set the VolumeAttributesClass used by this claim. - If specified, the CSI driver will create or update - the volume with the attributes defined in the corresponding - VolumeAttributesClass. This has a different purpose - than storageClassName, it can be changed after the - claim is created. An empty string value means that - no VolumeAttributesClass will be applied to the - claim but it''s not allowed to reset this field - to empty string once it is set. If unspecified and - the PersistentVolumeClaim is unbound, the default - VolumeAttributesClass will be set by the persistentvolume - controller if it exists. If the resource referred - to by volumeAttributesClass does not exist, this - PersistentVolumeClaim will be set to a Pending state, - as reflected by the modifyVolumeStatus field, until - such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - (Alpha) Using this field requires the VolumeAttributesClass - feature gate to be enabled.' + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. type: string volumeMode: - description: volumeMode defines what type of volume - is required by the claim. Value of Filesystem is - implied when not included in claim spec. + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. type: string volumeName: description: volumeName is the binding reference to @@ -5113,22 +5132,25 @@ spec: type: object type: object volumeClaimTemplate: - description: Defines the PVC spec to be used by the Prometheus - StatefulSets. The easiest way to use a volume that cannot be - automatically provisioned is to use a label selector alongside - manually created PersistentVolumes. + description: |- + Defines the PVC spec to be used by the Prometheus StatefulSets. + The easiest way to use a volume that cannot be automatically provisioned + is to use a label selector alongside manually created PersistentVolumes. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST - resource this object represents. Servers may infer this - from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: description: EmbeddedMetadata contains metadata relevant to @@ -5137,56 +5159,58 @@ spec: annotations: additionalProperties: type: string - description: 'Annotations is an unstructured key value - map stored with a resource that may be set by external - tools to store and retrieve arbitrary metadata. They - are not queryable and should be preserved when modifying - objects. More info: http://kubernetes.io/docs/user-guide/annotations' + description: |- + Annotations is an unstructured key value map stored with a resource that may be + set by external tools to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations type: object labels: additionalProperties: type: string - description: 'Map of string keys and values that can be - used to organize and categorize (scope and select) objects. - May match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' + description: |- + Map of string keys and values that can be used to organize and categorize + (scope and select) objects. May match selectors of replication controllers + and services. + More info: http://kubernetes.io/docs/user-guide/labels type: object name: - description: 'Name must be unique within a namespace. - Is required when creating resources, although some resources - may allow a client to request the generation of an appropriate - name automatically. Name is primarily intended for creation - idempotence and configuration definition. Cannot be - updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + description: |- + Name must be unique within a namespace. Is required when creating resources, although + some resources may allow a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence and configuration + definition. + Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names type: string type: object spec: - description: 'Defines the desired characteristics of a volume - requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + description: |- + Defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims properties: accessModes: - description: 'accessModes contains the desired access - modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 items: type: string type: array dataSource: - description: 'dataSource field can be used to specify - either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) If the provisioner - or an external controller can support the specified - data source, it will create a new volume based on the - contents of the specified data source. When the AnyVolumeDataSource - feature gate is enabled, dataSource contents will be - copied to dataSourceRef, and dataSourceRef contents - will be copied to dataSource when dataSourceRef.namespace - is not specified. If the namespace is specified, then - dataSourceRef will not be copied to dataSource.' + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. properties: apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API group. + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. type: string kind: @@ -5201,39 +5225,35 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the object from - which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, volume binding - will only succeed if the type of the specified object - matches some installed volume populator or dynamic provisioner. - This field will replace the functionality of the dataSource - field and as such if both fields are non-empty, they - must have the same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, both - fields (dataSource and dataSourceRef) will be set to - the same value automatically if one of them is empty - and the other is non-empty. When namespace is specified - in dataSourceRef, dataSource isn''t set to the same - value and must be empty. There are three important differences - between dataSource and dataSourceRef: * While dataSource - only allows two specific types of objects, dataSourceRef - allows any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores disallowed values - (dropping them), dataSourceRef preserves all values, - and generates an error if a disallowed value is specified. - * While dataSource only allows local objects, dataSourceRef - allows objects in any namespaces. (Beta) Using this - field requires the AnyVolumeDataSource feature gate - to be enabled. (Alpha) Using the namespace field of - dataSourceRef requires the CrossNamespaceVolumeDataSource - feature gate to be enabled.' + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. properties: apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API group. + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. type: string kind: @@ -5243,26 +5263,22 @@ spec: description: Name is the name of resource being referenced type: string namespace: - description: Namespace is the namespace of resource - being referenced Note that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant object - is required in the referent namespace to allow that - namespace's owner to accept the reference. See the - ReferenceGrant documentation for details. (Alpha) - This field requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum resources - the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to specify resource - requirements that are lower than previous value but - must still be higher than capacity recorded in the status - field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources properties: limits: additionalProperties: @@ -5271,8 +5287,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -5281,12 +5298,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. Requests cannot exceed Limits. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object selector: @@ -5297,8 +5313,8 @@ spec: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: @@ -5306,17 +5322,16 @@ spec: applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. - If the operator is In or NotIn, the values - array must be non-empty. If the operator is - Exists or DoesNotExist, the values array must - be empty. This array is replaced during a - strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -5328,42 +5343,37 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field - is "key", the operator is "In", and the values array - contains only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name of the StorageClass - required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 type: string volumeAttributesClassName: - description: 'volumeAttributesClassName may be used to - set the VolumeAttributesClass used by this claim. If - specified, the CSI driver will create or update the - volume with the attributes defined in the corresponding - VolumeAttributesClass. This has a different purpose - than storageClassName, it can be changed after the claim - is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it''s not allowed to - reset this field to empty string once it is set. If - unspecified and the PersistentVolumeClaim is unbound, - the default VolumeAttributesClass will be set by the - persistentvolume controller if it exists. If the resource - referred to by volumeAttributesClass does not exist, - this PersistentVolumeClaim will be set to a Pending - state, as reflected by the modifyVolumeStatus field, - until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - (Alpha) Using this field requires the VolumeAttributesClass - feature gate to be enabled.' + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. type: string volumeMode: - description: volumeMode defines what type of volume is - required by the claim. Value of Filesystem is implied - when not included in claim spec. + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. type: string volumeName: description: volumeName is the binding reference to the @@ -5374,54 +5384,55 @@ spec: description: 'Deprecated: this field is never set.' properties: accessModes: - description: 'accessModes contains the actual access modes - the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 items: type: string type: array allocatedResourceStatuses: additionalProperties: - description: When a controller receives persistentvolume - claim update with ClaimResourceStatus for a resource - that it does not recognizes, then it should ignore - that update and let other controllers handle it. + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. type: string description: "allocatedResourceStatuses stores status - of resource being resized for the given PVC. Key names + of resource being resized for the given PVC.\nKey names follow standard Kubernetes label syntax. Valid values - are either: * Un-prefixed keys: - storage - the capacity - of the volume. * Custom resources must use implementation-defined - prefixed names such as \"example.com/my-custom-resource\" - Apart from above values - keys that are unprefixed or - have kubernetes.io prefix are considered reserved and - hence may not be used. \n ClaimResourceStatus can be - in any of following states: - ControllerResizeInProgress: - State set when resize controller starts resizing the - volume in control-plane. - ControllerResizeFailed: State + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\n\nClaimResourceStatus can be in + any of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with - a terminal error. - NodeResizePending: State set when - resize controller has finished resizing the volume but - further resizing of volume is needed on the node. - - NodeResizeInProgress: State set when kubelet starts - resizing the volume. - NodeResizeFailed: State set when - resizing has failed in kubelet with a terminal error. - Transient errors don't set NodeResizeFailed. For example: - if expanding a PVC for more capacity - this field can - be one of the following states: - pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeFailed\" When this field is not set, it - means that no resize operation is in progress for the - given PVC. \n A controller that receives PVC update - with previously unknown resourceName or ClaimResourceStatus - should ignore the update for the purpose it was designed. - For example - a controller that only is responsible - for resizing capacity of the volume, should ignore PVC - updates that change other valid resources associated - with PVC. \n This is an alpha field and requires enabling - RecoverVolumeExpansionFailure feature." + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC.\n\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure + feature." type: object x-kubernetes-map-type: granular allocatedResources: @@ -5432,29 +5443,29 @@ spec: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: "allocatedResources tracks the resources - allocated to a PVC including its capacity. Key names + allocated to a PVC including its capacity.\nKey names follow standard Kubernetes label syntax. Valid values - are either: * Un-prefixed keys: - storage - the capacity - of the volume. * Custom resources must use implementation-defined - prefixed names such as \"example.com/my-custom-resource\" - Apart from above values - keys that are unprefixed or - have kubernetes.io prefix are considered reserved and - hence may not be used. \n Capacity reported here may - be larger than the actual capacity when a volume expansion - operation is requested. For storage quota, the larger + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\n\nCapacity reported here may be + larger than the actual capacity when a volume expansion + operation\nis requested.\nFor storage quota, the larger value from allocatedResources and PVC.spec.resources - is used. If allocatedResources is not set, PVC.spec.resources - alone is used for quota calculation. If a volume expansion - capacity request is lowered, allocatedResources is only - lowered if there are no expansion operations in progress - and if the actual volume capacity is equal or lower - than the requested capacity. \n A controller that receives - PVC update with previously unknown resourceName should + is used.\nIf allocatedResources is not set, PVC.spec.resources + alone is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\n\nA controller that receives + PVC update with previously unknown resourceName\nshould ignore the update for the purpose it was designed. For - example - a controller that only is responsible for + example - a controller that\nonly is responsible for resizing capacity of the volume, should ignore PVC updates - that change other valid resources associated with PVC. - \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure + that change other valid\nresources associated with PVC.\n\n\nThis + is an alpha field and requires enabling RecoverVolumeExpansionFailure feature." type: object capacity: @@ -5468,8 +5479,8 @@ spec: of the underlying volume. type: object conditions: - description: conditions is the current Condition of persistent - volume claim. If underlying persistent volume is being + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'. items: description: PersistentVolumeClaimCondition contains @@ -5490,10 +5501,9 @@ spec: indicating details about last transition. type: string reason: - description: reason is a unique, this should be - a short, machine understandable string that gives - the reason for condition's last transition. If - it reports "ResizeStarted" that means the underlying + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "ResizeStarted" that means the underlying persistent volume is being resized. type: string status: @@ -5508,32 +5518,30 @@ spec: type: object type: array currentVolumeAttributesClassName: - description: currentVolumeAttributesClassName is the current - name of the VolumeAttributesClass the PVC is using. - When unset, there is no VolumeAttributeClass applied - to this PersistentVolumeClaim This is an alpha field - and requires enabling VolumeAttributesClass feature. + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is an alpha field and requires enabling VolumeAttributesClass feature. type: string modifyVolumeStatus: - description: ModifyVolumeStatus represents the status - object of ControllerModifyVolume operation. When this - is unset, there is no ModifyVolume operation being attempted. - This is an alpha field and requires enabling VolumeAttributesClass - feature. + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is an alpha field and requires enabling VolumeAttributesClass feature. properties: status: - description: 'status is the status of the ControllerModifyVolume - operation. It can be in any of following states: - - Pending Pending indicates that the PersistentVolumeClaim + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such - as the specified VolumeAttributesClass not existing. - - InProgress InProgress indicates that the volume - is being modified. - Infeasible Infeasible indicates - that the request has been rejected as invalid by - the CSI driver. To resolve the error, a valid VolumeAttributesClass - needs to be specified. Note: New statuses can be - added in the future. Consumers should check for - unknown statuses and fail appropriately.' + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." type: string targetVolumeAttributesClassName: description: targetVolumeAttributesClassName is the @@ -5550,48 +5558,47 @@ spec: type: object type: object tag: - description: 'Tag of Alertmanager container image to be deployed. - Defaults to the value of `version`. Version is ignored if Tag is - set. Deprecated: use ''image'' instead. The image tag can be specified - as part of the image URL.' + description: |- + Tag of Alertmanager container image to be deployed. Defaults to the value of `version`. + Version is ignored if Tag is set. + Deprecated: use 'image' instead. The image tag can be specified as part of the image URL. type: string tolerations: description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. type: string type: object type: array @@ -5602,33 +5609,34 @@ spec: pods among the given topology. properties: labelSelector: - description: LabelSelector is used to find matching pods. Pods - that match this label selector are counted to determine the - number of pods in their corresponding topology domain. + description: |- + LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine the number of pods + in their corresponding topology domain. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that relates - the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. - If the operator is In or NotIn, the values array - must be non-empty. If the operator is Exists or - DoesNotExist, the values array must be empty. This - array is replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -5640,126 +5648,134 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select - the pods over which spreading will be calculated. The keys - are used to lookup values from the incoming pod labels, those - key-value labels are ANDed with labelSelector to select the - group of existing pods over which spreading will be calculated - for the incoming pod. The same key is forbidden to exist in - both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot - be set when LabelSelector isn't set. Keys that don't exist - in the incoming pod labels will be ignored. A null or empty - list means only match against labelSelector. \n This is a - beta field and requires the MatchLabelKeysInPodTopologySpread - feature gate to be enabled (enabled by default)." + description: |- + MatchLabelKeys is a set of pod label keys to select the pods over which + spreading will be calculated. The keys are used to lookup values from the + incoming pod labels, those key-value labels are ANDed with labelSelector + to select the group of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector isn't set. + Keys that don't exist in the incoming pod labels will + be ignored. A null or empty list means only match against labelSelector. + + + This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). items: type: string type: array x-kubernetes-list-type: atomic maxSkew: - description: 'MaxSkew describes the degree to which pods may - be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, - it is the maximum permitted difference between the number - of matching pods in the target topology and the global minimum. - The global minimum is the minimum number of matching pods - in an eligible domain or zero if the number of eligible domains - is less than MinDomains. For example, in a 3-zone cluster, - MaxSkew is set to 1, and pods with the same labelSelector - spread as 2/2/1: In this case, the global minimum is 1. | - zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew - is 1, incoming pod can only be scheduled to zone3 to become - 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) - on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming - pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, - it is used to give higher precedence to topologies that satisfy - it. It''s a required field. Default value is 1 and 0 is not - allowed.' + description: |- + MaxSkew describes the degree to which pods may be unevenly distributed. + When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + between the number of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods in an eligible domain + or zero if the number of eligible domains is less than MinDomains. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 2/2/1: + In this case, the global minimum is 1. + | zone1 | zone2 | zone3 | + | P P | P P | P | + - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + violate MaxSkew(1). + - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + to topologies that satisfy it. + It's a required field. Default value is 1 and 0 is not allowed. format: int32 type: integer minDomains: - description: "MinDomains indicates a minimum number of eligible - domains. When the number of eligible domains with matching - topology keys is less than minDomains, Pod Topology Spread - treats \"global minimum\" as 0, and then the calculation of - Skew is performed. And when the number of eligible domains - with matching topology keys equals or greater than minDomains, - this value has no effect on scheduling. As a result, when - the number of eligible domains is less than minDomains, scheduler - won't schedule more than maxSkew Pods to those domains. If - value is nil, the constraint behaves as if MinDomains is equal - to 1. Valid values are integers greater than 0. When value - is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For - example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains - is set to 5 and pods with the same labelSelector spread as - 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | - The number of domains is less than 5(MinDomains), so \"global - minimum\" is treated as 0. In this situation, new pod with - the same labelSelector cannot be scheduled, because computed - skew will be 3(3 - 0) if new Pod is scheduled to any of the - three zones, it will violate MaxSkew. \n This is a beta field - and requires the MinDomainsInPodTopologySpread feature gate - to be enabled (enabled by default)." + description: |- + MinDomains indicates a minimum number of eligible domains. + When the number of eligible domains with matching topology keys is less than minDomains, + Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + And when the number of eligible domains with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. + As a result, when the number of eligible domains is less than minDomains, + scheduler won't schedule more than maxSkew Pods to those domains. + If value is nil, the constraint behaves as if MinDomains is equal to 1. + Valid values are integers greater than 0. + When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + + + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | + | P P | P P | P P | + The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + In this situation, new pod with the same labelSelector cannot be scheduled, + because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + it will violate MaxSkew. + + + This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). format: int32 type: integer nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat - Pod's nodeAffinity/nodeSelector when calculating pod topology - spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector - are included in the calculations. - Ignore: nodeAffinity/nodeSelector - are ignored. All nodes are included in the calculations. \n - If this value is nil, the behavior is equivalent to the Honor - policy. This is a beta-level feature default enabled by the - NodeInclusionPolicyInPodTopologySpread feature flag." + description: |- + NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + when calculating pod topology spread skew. Options are: + - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + + + If this value is nil, the behavior is equivalent to the Honor policy. + This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node - taints when calculating pod topology spread skew. Options - are: - Honor: nodes without taints, along with tainted nodes - for which the incoming pod has a toleration, are included. + description: |- + NodeTaintsPolicy indicates how we will treat node taints when calculating + pod topology spread skew. Options are: + - Honor: nodes without taints, along with tainted nodes for which the incoming pod + has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - \n If this value is nil, the behavior is equivalent to the - Ignore policy. This is a beta-level feature default enabled - by the NodeInclusionPolicyInPodTopologySpread feature flag." + + + If this value is nil, the behavior is equivalent to the Ignore policy. + This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string topologyKey: - description: TopologyKey is the key of node labels. Nodes that - have a label with this key and identical values are considered - to be in the same topology. We consider each - as a "bucket", and try to put balanced number of pods into - each bucket. We define a domain as a particular instance of - a topology. Also, we define an eligible domain as a domain - whose nodes meet the requirements of nodeAffinityPolicy and - nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", - each Node is a domain of that topology. And, if TopologyKey - is "topology.kubernetes.io/zone", each zone is a domain of - that topology. It's a required field. + description: |- + TopologyKey is the key of node labels. Nodes that have a label with this key + and identical values are considered to be in the same topology. + We consider each as a "bucket", and try to put balanced number + of pods into each bucket. + We define a domain as a particular instance of a topology. + Also, we define an eligible domain as a domain whose nodes meet the requirements of + nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + It's a required field. type: string whenUnsatisfiable: - description: 'WhenUnsatisfiable indicates how to deal with a - pod if it doesn''t satisfy the spread constraint. - DoNotSchedule - (default) tells the scheduler not to schedule it. - ScheduleAnyway - tells the scheduler to schedule the pod in any location, but - giving higher precedence to topologies that would help reduce - the skew. A constraint is considered "Unsatisfiable" for an - incoming pod if and only if every possible node assignment - for that pod would violate "MaxSkew" on some topology. For - example, in a 3-zone cluster, MaxSkew is set to 1, and pods - with the same labelSelector spread as 3/1/1: | zone1 | zone2 - | zone3 | | P P P | P | P | If WhenUnsatisfiable is - set to DoNotSchedule, incoming pod can only be scheduled to - zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on - zone2(zone3) satisfies MaxSkew(1). In other words, the cluster - can still be imbalanced, but scheduler won''t make it *more* - imbalanced. It''s a required field.' + description: |- + WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + the spread constraint. + - DoNotSchedule (default) tells the scheduler not to schedule it. + - ScheduleAnyway tells the scheduler to schedule the pod in any location, + but giving higher precedence to topologies that would help reduce the + skew. + A constraint is considered "Unsatisfiable" for an incoming pod + if and only if every possible node assignment for that pod would violate + "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 3/1/1: + | zone1 | zone2 | zone3 | + | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + won't make it *more* imbalanced. + It's a required field. type: string required: - maxSkew @@ -5771,41 +5787,45 @@ spec: description: Version the cluster should be on. type: string volumeMounts: - description: VolumeMounts allows configuration of additional VolumeMounts - on the output StatefulSet definition. VolumeMounts specified will - be appended to other VolumeMounts in the alertmanager container, + description: |- + VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. + VolumeMounts specified will be appended to other VolumeMounts in the alertmanager container, that are generated as a result of StorageSpec objects. items: description: VolumeMount describes a mounting of a Volume within a container. properties: mountPath: - description: Path within the container at which the volume should - be mounted. Must not contain ':'. + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. type: string mountPropagation: - description: mountPropagation determines how mounts are propagated - from the host to container and the other way around. When - not set, MountPropagationNone is used. This field is beta - in 1.10. + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. type: boolean subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). type: string subPathExpr: - description: Expanded path within the volume from which the - container's volume should be mounted. Behaves similarly to - SubPath but environment variable references $(VAR_NAME) are - expanded using the container's environment. Defaults to "" - (volume's root). SubPathExpr and SubPath are mutually exclusive. + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. type: string required: - mountPath @@ -5813,42 +5833,45 @@ spec: type: object type: array volumes: - description: Volumes allows configuration of additional volumes on - the output StatefulSet definition. Volumes specified will be appended - to other volumes that are generated as a result of StorageSpec objects. + description: |- + Volumes allows configuration of additional volumes on the output StatefulSet definition. + Volumes specified will be appended to other volumes that are generated as a result of + StorageSpec objects. items: description: Volume represents a named volume in a pod that may be accessed by any container in the pod. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS Disk resource - that is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + description: |- + awsElasticBlockStore represents an AWS Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore properties: fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem from - compromising the machine' + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: - description: 'partition is the partition in the volume that - you want to mount. If omitted, the default is to mount - by volume name. Examples: For volume /dev/sda1, you specify - the partition as "1". Similarly, the volume partition - for /dev/sda is "0" (or you can leave the property empty).' + description: |- + partition is the partition in the volume that you want to mount. + If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition as "1". + Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). format: int32 type: integer readOnly: - description: 'readOnly value true will force the readOnly - setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + description: |- + readOnly value true will force the readOnly setting in VolumeMounts. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore type: boolean volumeID: - description: 'volumeID is unique ID of the persistent disk - resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + description: |- + volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore type: string required: - volumeID @@ -5870,10 +5893,10 @@ spec: storage type: string fsType: - description: fsType is Filesystem type to mount. Must be - a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. + description: |- + fsType is Filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string kind: description: 'kind expected values are Shared: multiple @@ -5882,8 +5905,9 @@ spec: disk (only in managed availability set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. + description: |- + readOnly Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean required: - diskName @@ -5894,8 +5918,9 @@ spec: on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean secretName: description: secretName is the name of secret that contains @@ -5913,8 +5938,9 @@ spec: shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is a collection - of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + monitors is Required: Monitors is a collection of Ceph monitors + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it items: type: string type: array @@ -5923,61 +5949,72 @@ spec: rather than the full Ceph tree, default is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it type: boolean secretFile: - description: 'secretFile is Optional: SecretFile is the - path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it type: string secretRef: - description: 'secretRef is Optional: SecretRef is reference - to the authentication secret for User, default is empty. - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados user name, - default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + user is optional: User is the rados user name, default is admin + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached and - mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + cinder represents a cinder volume attached and mounted on kubelets host machine. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md properties: fsType: - description: 'fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred to - be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md type: string readOnly: - description: 'readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md type: boolean secretRef: - description: 'secretRef is optional: points to a secret - object containing parameters used to connect to OpenStack.' + description: |- + secretRef is optional: points to a secret object containing parameters used to connect + to OpenStack. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume in cinder. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + volumeID used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md type: string required: - volumeID @@ -5987,27 +6024,25 @@ spec: this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits used to - set permissions on created files by default. Must be an - octal value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. Defaults to - 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' + description: |- + defaultMode is optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer items: - description: items if unspecified, each key-value pair in - the Data field of the referenced ConfigMap will be projected - into the volume as a file whose name is the key and content - is the value. If specified, the listed keys will be projected - into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in - the ConfigMap, the volume setup will error unless it is - marked optional. Paths must be relative and may not contain - the '..' path or start with '..'. + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + ConfigMap will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. items: description: Maps a string key to a path within a volume. properties: @@ -6015,22 +6050,21 @@ spec: description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used to - set permissions on this file. Must be an octal value - between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. If not - specified, the volume defaultMode will be used. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: - description: path is the relative path of the file - to map the key to. May not be an absolute path. - May not contain the path element '..'. May not start - with the string '..'. + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. type: string required: - key @@ -6038,8 +6072,10 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap or its @@ -6053,41 +6089,43 @@ spec: feature). properties: driver: - description: driver is the name of the CSI driver that handles - this volume. Consult with your admin for the correct name - as registered in the cluster. + description: |- + driver is the name of the CSI driver that handles this volume. + Consult with your admin for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the associated - CSI driver which will determine the default filesystem - to apply. + description: |- + fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the associated CSI driver + which will determine the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference to the - secret object containing sensitive information to pass - to the CSI driver to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field is optional, - and may be empty if no secret is required. If the secret - object contains more than one secret, all secret references - are passed. + description: |- + nodePublishSecretRef is a reference to the secret object containing + sensitive information to pass to the CSI driver to complete the CSI + NodePublishVolume and NodeUnpublishVolume calls. + This field is optional, and may be empty if no secret is required. If the + secret object contains more than one secret, all secret references are passed. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). + description: |- + readOnly specifies a read-only configuration for the volume. + Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific properties - that are passed to the CSI driver. Consult your driver's - documentation for supported values. + description: |- + volumeAttributes stores driver-specific properties that are passed to the CSI + driver. Consult your driver's documentation for supported values. type: object required: - driver @@ -6097,16 +6135,15 @@ spec: that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created files - by default. Must be a Optional: mode bits used to set - permissions on created files by default. Must be an octal - value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. Defaults to - 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' + description: |- + Optional: mode bits to use on created files by default. Must be a + Optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer items: @@ -6133,15 +6170,13 @@ spec: type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to set permissions - on this file, must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON requires - decimal values for mode bits. If not specified, - the volume defaultMode will be used. This might - be in conflict with other options that affect the - file mode, like fsGroup, and the result can be other - mode bits set.' + description: |- + Optional: mode bits used to set permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: @@ -6152,10 +6187,9 @@ spec: with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. properties: containerName: description: 'Container name: required for volumes, @@ -6182,106 +6216,125 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory that - shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + description: |- + emptyDir represents a temporary directory that shares a pod's lifetime. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir properties: medium: - description: 'medium represents what type of storage medium - should back this directory. The default is "" which means - to use the node''s default medium. Must be an empty string - (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local storage - required for this EmptyDir volume. The size limit is also - applicable for memory medium. The maximum usage on memory - medium EmptyDir would be the minimum value between the - SizeLimit specified here and the sum of memory limits - of all containers in a pod. The default is nil which means - that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is handled - by a cluster storage driver. The volume's lifecycle is tied - to the pod that defines it - it will be created before the - pod starts, and deleted when the pod is removed. \n Use this - if: a) the volume is only needed while the pod runs, b) features - of normal volumes like restoring from snapshot or capacity - tracking are needed, c) the storage driver is specified through - a storage class, and d) the storage driver supports dynamic - volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this volume - type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that persist - for longer than the lifecycle of an individual pod. \n Use - CSI for light-weight local ephemeral volumes if the CSI driver - is meant to be used that way - see the documentation of the - driver for more information. \n A pod can use both types of - ephemeral volumes and persistent volumes at the same time." + description: |- + ephemeral represents a volume that is handled by a cluster storage driver. + The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + and deleted when the pod is removed. + + + Use this if: + a) the volume is only needed while the pod runs, + b) features of normal volumes like restoring from snapshot or capacity + tracking are needed, + c) the storage driver is specified through a storage class, and + d) the storage driver supports dynamic volume provisioning through + a PersistentVolumeClaim (see EphemeralVolumeSource for more + information on the connection between this volume type + and PersistentVolumeClaim). + + + Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the lifecycle + of an individual pod. + + + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + be used that way - see the documentation of the driver for + more information. + + + A pod can use both types of ephemeral volumes and + persistent volumes at the same time. properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to - provision the volume. The pod in which this EphemeralVolumeSource - is embedded will be the owner of the PVC, i.e. the PVC - will be deleted together with the pod. The name of the - PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. - Pod validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too long). \n - An existing PVC with that name that is not owned by the - pod will *not* be used for the pod to avoid using an unrelated + description: |- + Will be used to create a stand-alone PVC to provision the volume. + The pod in which this EphemeralVolumeSource is embedded will be the + owner of the PVC, i.e. the PVC will be deleted together with the + pod. The name of the PVC will be `-` where + `` is the name from the `PodSpec.Volumes` array + entry. Pod validation will reject the pod if the concatenated name + is not valid for a PVC (for example, too long). + + + An existing PVC with that name that is not owned by the pod + will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until - the unrelated PVC is removed. If such a pre-created PVC - is meant to be used by the pod, the PVC has to updated - with an owner reference to the pod once the pod exists. - Normally this should not be necessary, but it may be useful - when manually reconstructing a broken cluster. \n This - field is read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, must - not be nil." + the unrelated PVC is removed. If such a pre-created PVC is + meant to be used by the pod, the PVC has to updated with an + owner reference to the pod once the pod exists. Normally + this should not be necessary, but it may be useful when + manually reconstructing a broken cluster. + + + This field is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. + + + Required, must not be nil. properties: metadata: - description: May contain labels and annotations that - will be copied into the PVC when creating it. No other - fields are allowed and will be rejected during validation. + description: |- + May contain labels and annotations that will be copied into the PVC + when creating it. No other fields are allowed and will be rejected during + validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into the PVC - that gets created from this template. The same fields - as in a PersistentVolumeClaim are also valid here. + description: |- + The specification for the PersistentVolumeClaim. The entire content is + copied unchanged into the PVC that gets created from this + template. The same fields as in a PersistentVolumeClaim + are also valid here. properties: accessModes: - description: 'accessModes contains the desired access - modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 items: type: string type: array dataSource: - description: 'dataSource field can be used to specify - either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) If the - provisioner or an external controller can support - the specified data source, it will create a new - volume based on the contents of the specified - data source. When the AnyVolumeDataSource feature - gate is enabled, dataSource contents will be copied - to dataSourceRef, and dataSourceRef contents will - be copied to dataSource when dataSourceRef.namespace - is not specified. If the namespace is specified, - then dataSourceRef will not be copied to dataSource.' + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. properties: apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API - group. For any other third-party types, APIGroup - is required. + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being @@ -6297,45 +6350,36 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the object - from which to populate the volume with data, if - a non-empty volume is desired. This may be any - object from a non-empty API group (non core object) - or a PersistentVolumeClaim object. When this field - is specified, volume binding will only succeed - if the type of the specified object matches some - installed volume populator or dynamic provisioner. - This field will replace the functionality of the - dataSource field and as such if both fields are - non-empty, they must have the same value. For - backwards compatibility, when namespace isn''t - specified in dataSourceRef, both fields (dataSource - and dataSourceRef) will be set to the same value - automatically if one of them is empty and the - other is non-empty. When namespace is specified - in dataSourceRef, dataSource isn''t set to the - same value and must be empty. There are three - important differences between dataSource and dataSourceRef: - * While dataSource only allows two specific types - of objects, dataSourceRef allows any non-core - object, as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values (dropping - them), dataSourceRef preserves all values, and - generates an error if a disallowed value is specified. - * While dataSource only allows local objects, - dataSourceRef allows objects in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using the - namespace field of dataSourceRef requires the - CrossNamespaceVolumeDataSource feature gate to - be enabled.' + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. properties: apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API - group. For any other third-party types, APIGroup - is required. + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. type: string kind: description: Kind is the type of resource being @@ -6346,27 +6390,22 @@ spec: referenced type: string namespace: - description: Namespace is the namespace of resource - being referenced Note that when a namespace - is specified, a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant documentation - for details. (Alpha) This field requires the - CrossNamespaceVolumeDataSource feature gate - to be enabled. + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum resources - the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to specify - resource requirements that are lower than previous - value but must still be higher than capacity recorded - in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources properties: limits: additionalProperties: @@ -6375,8 +6414,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -6385,12 +6425,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. If Requests - is omitted for a container, it defaults to - Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests - cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object selector: @@ -6402,28 +6441,24 @@ spec: selector requirements. The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string @@ -6436,46 +6471,37 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name of the - StorageClass required by the claim. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 type: string volumeAttributesClassName: - description: 'volumeAttributesClassName may be used - to set the VolumeAttributesClass used by this - claim. If specified, the CSI driver will create - or update the volume with the attributes defined - in the corresponding VolumeAttributesClass. This - has a different purpose than storageClassName, - it can be changed after the claim is created. - An empty string value means that no VolumeAttributesClass - will be applied to the claim but it''s not allowed - to reset this field to empty string once it is - set. If unspecified and the PersistentVolumeClaim - is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller - if it exists. If the resource referred to by volumeAttributesClass - does not exist, this PersistentVolumeClaim will - be set to a Pending state, as reflected by the - modifyVolumeStatus field, until such as a resource - exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - (Alpha) Using this field requires the VolumeAttributesClass - feature gate to be enabled.' + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. type: string volumeMode: - description: volumeMode defines what type of volume - is required by the claim. Value of Filesystem - is implied when not included in claim spec. + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. type: string volumeName: description: volumeName is the binding reference @@ -6492,19 +6518,20 @@ spec: pod. properties: fsType: - description: 'fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. TODO: how do we prevent errors in the - filesystem from compromising the machine' + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising the machine type: string lun: description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts.' + description: |- + readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean targetWWNs: description: 'targetWWNs is Optional: FC target worldwide @@ -6513,26 +6540,27 @@ spec: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide identifiers - (wwids) Either wwids or combination of targetWWNs and - lun must be set, but not both simultaneously.' + description: |- + wwids Optional: FC volume world wide identifiers (wwids) + Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume resource - that is provisioned/attached using an exec based plugin. + description: |- + flexVolume represents a generic volume resource that is + provisioned/attached using an exec based plugin. properties: driver: description: driver is the name of the driver to use for this volume. type: string fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". The default filesystem depends - on FlexVolume script. + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. type: string options: additionalProperties: @@ -6541,20 +6569,23 @@ spec: command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts.' + description: |- + readOnly is Optional: defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean secretRef: - description: 'secretRef is Optional: secretRef is reference - to the secret object containing sensitive information - to pass to the plugin scripts. This may be empty if no - secret object is specified. If the secret object contains - more than one secret, all secrets are passed to the plugin - scripts.' + description: |- + secretRef is Optional: secretRef is reference to the secret object containing + sensitive information to pass to the plugin scripts. This may be + empty if no secret object is specified. If the secret object + contains more than one secret, all secrets are passed to the plugin + scripts. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6567,9 +6598,9 @@ spec: service being running properties: datasetName: - description: datasetName is Name of the dataset stored as - metadata -> name on the dataset for Flocker should be - considered as deprecated + description: |- + datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + should be considered as deprecated type: string datasetUUID: description: datasetUUID is the UUID of the dataset. This @@ -6577,52 +6608,55 @@ spec: type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk resource - that is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + gcePersistentDisk represents a GCE Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk properties: fsType: - description: 'fsType is filesystem type of the volume that - you want to mount. Tip: Ensure that the filesystem type - is supported by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + description: |- + fsType is filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem from - compromising the machine' + TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: - description: 'partition is the partition in the volume that - you want to mount. If omitted, the default is to mount - by volume name. Examples: For volume /dev/sda1, you specify - the partition as "1". Similarly, the volume partition - for /dev/sda is "0" (or you can leave the property empty). - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + partition is the partition in the volume that you want to mount. + If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition as "1". + Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource in - GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk type: string readOnly: - description: 'readOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at a particular - revision. DEPRECATED: GitRepo is deprecated. To provision - a container with a git repo, mount an EmptyDir into an InitContainer - that clones the repo using git, then mount the EmptyDir into - the Pod''s container.' + description: |- + gitRepo represents a git repository at a particular revision. + DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + into the Pod's container. properties: directory: - description: directory is the target directory name. Must - not contain or start with '..'. If '.' is supplied, the - volume directory will be the git repository. Otherwise, - if specified, the volume will contain the git repository - in the subdirectory with the given name. + description: |- + directory is the target directory name. + Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + git repository. Otherwise, if specified, the volume will contain the git repository in + the subdirectory with the given name. type: string repository: description: repository is the URL @@ -6635,51 +6669,61 @@ spec: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount on the - host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + description: |- + glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + More info: https://examples.k8s.io/volumes/glusterfs/README.md properties: endpoints: - description: 'endpoints is the endpoint name that details - Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + description: |- + endpoints is the endpoint name that details Glusterfs topology. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod type: string path: - description: 'path is the Glusterfs volume path. More info: - https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + description: |- + path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod type: string readOnly: - description: 'readOnly here will force the Glusterfs volume - to be mounted with read-only permissions. Defaults to - false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + description: |- + readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + Defaults to false. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file or directory - on the host machine that is directly exposed to the container. - This is generally used for system agents or other privileged - things that are allowed to see the host machine. Most containers - will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host directory - mounts and who can/can not mount host directories as read/write.' + description: |- + hostPath represents a pre-existing file or directory on the host + machine that is directly exposed to the container. This is generally + used for system agents or other privileged things that are allowed + to see the host machine. Most containers will NOT need this. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- + TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + mount host directories as read/write. properties: path: - description: 'path of the directory on the host. If the - path is a symlink, it will follow the link to the real - path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + description: |- + path of the directory on the host. + If the path is a symlink, it will follow the link to the real path. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath type: string type: - description: 'type for HostPath Volume Defaults to "" More - info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + description: |- + type for HostPath Volume + Defaults to "" + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource that is - attached to a kubelet''s host machine and then exposed to - the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + description: |- + iscsi represents an ISCSI Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://examples.k8s.io/volumes/iscsi/README.md properties: chapAuthDiscovery: description: chapAuthDiscovery defines whether support iSCSI @@ -6690,56 +6734,59 @@ spec: Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem from - compromising the machine' + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising the machine type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. + description: |- + initiatorName is the custom iSCSI Initiator Name. + If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + : will be created for the connection. type: string iqn: description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name that uses - an iSCSI transport. Defaults to 'default' (tcp). + description: |- + iscsiInterface is the interface Name that uses an iSCSI transport. + Defaults to 'default' (tcp). type: string lun: description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal List. The - portal is either an IP or ip_addr:port if the port is - other than default (typically TCP ports 860 and 3260). + description: |- + portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. type: boolean secretRef: description: secretRef is the CHAP Secret for iSCSI target and initiator authentication properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. The Portal - is either an IP or ip_addr:port if the port is other than - default (typically TCP ports 860 and 3260). + description: |- + targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and 3260). type: string required: - iqn @@ -6747,43 +6794,51 @@ spec: - targetPortal type: object name: - description: 'name of the volume. Must be a DNS_LABEL and unique - within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + name of the volume. + Must be a DNS_LABEL and unique within the pod. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string nfs: - description: 'nfs represents an NFS mount on the host that shares - a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + nfs represents an NFS mount on the host that shares a pod's lifetime + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs properties: path: - description: 'path that is exported by the NFS server. More - info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs type: string readOnly: - description: 'readOnly here will force the NFS export to - be mounted with read-only permissions. Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + readOnly here will force the NFS export to be mounted with read-only permissions. + Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs type: boolean server: - description: 'server is the hostname or IP address of the - NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + server is the hostname or IP address of the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents a - reference to a PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + description: |- + persistentVolumeClaimVolumeSource represents a reference to a + PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + description: |- + claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims type: string readOnly: - description: readOnly Will force the ReadOnly setting in - VolumeMounts. Default false. + description: |- + readOnly Will force the ReadOnly setting in VolumeMounts. + Default false. type: boolean required: - claimName @@ -6793,10 +6848,10 @@ spec: persistent disk attached and mounted on kubelets host machine properties: fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string pdID: description: pdID is the ID that identifies Photon Controller @@ -6810,14 +6865,15 @@ spec: and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type to mount - Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" - if unspecified. + description: |- + fSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean volumeID: description: volumeID uniquely identifies a Portworx volume @@ -6830,14 +6886,13 @@ spec: configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used to set permissions - on created files by default. Must be an octal value between - 0000 and 0777 or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON requires decimal - values for mode bits. Directories within the path are - not affected by this setting. This might be in conflict - with other options that affect the file mode, like fsGroup, - and the result can be other mode bits set. + description: |- + defaultMode are the mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer sources: @@ -6847,54 +6902,54 @@ spec: other supported volume types properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access - the `.spec.trustBundle` field of ClusterTrustBundle - objects in an auto-updating file. \n Alpha, gated - by the ClusterTrustBundleProjection feature gate. - \n ClusterTrustBundle objects can either be selected - by name, or by the combination of signer name and - a label selector. \n Kubelet performs aggressive - normalization of the PEM contents written into the - pod filesystem. Esoteric PEM features such as inter-block - comments and block headers are stripped. Certificates - are deduplicated. The ordering of certificates within - the file is arbitrary, and Kubelet may change the - order over time." + description: |- + ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + of ClusterTrustBundle objects in an auto-updating file. + + + Alpha, gated by the ClusterTrustBundleProjection feature gate. + + + ClusterTrustBundle objects can either be selected by name, or by the + combination of signer name and a label selector. + + + Kubelet performs aggressive normalization of the PEM contents written + into the pod filesystem. Esoteric PEM features such as inter-block + comments and block headers are stripped. Certificates are deduplicated. + The ordering of certificates within the file is arbitrary, and Kubelet + may change the order over time. properties: labelSelector: - description: Select all ClusterTrustBundles that - match this label selector. Only has effect - if signerName is set. Mutually-exclusive with - name. If unset, interpreted as "match nothing". If - set but empty, interpreted as "match everything". + description: |- + Select all ClusterTrustBundles that match this label selector. Only has + effect if signerName is set. Mutually-exclusive with name. If unset, + interpreted as "match nothing". If set but empty, interpreted as "match + everything". properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, a - key, and an operator that relates the - key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string @@ -6907,37 +6962,35 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only - "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic name: - description: Select a single ClusterTrustBundle - by object name. Mutually-exclusive with signerName - and labelSelector. + description: |- + Select a single ClusterTrustBundle by object name. Mutually-exclusive + with signerName and labelSelector. type: string optional: - description: If true, don't block pod startup - if the referenced ClusterTrustBundle(s) aren't - available. If using name, then the named ClusterTrustBundle - is allowed not to exist. If using signerName, - then the combination of signerName and labelSelector - is allowed to match zero ClusterTrustBundles. + description: |- + If true, don't block pod startup if the referenced ClusterTrustBundle(s) + aren't available. If using name, then the named ClusterTrustBundle is + allowed not to exist. If using signerName, then the combination of + signerName and labelSelector is allowed to match zero + ClusterTrustBundles. type: boolean path: description: Relative path from the volume root to write the bundle. type: string signerName: - description: Select all ClusterTrustBundles that - match this signer name. Mutually-exclusive with - name. The contents of all selected ClusterTrustBundles - will be unified and deduplicated. + description: |- + Select all ClusterTrustBundles that match this signer name. + Mutually-exclusive with name. The contents of all selected + ClusterTrustBundles will be unified and deduplicated. type: string required: - path @@ -6947,17 +7000,14 @@ spec: data to project properties: items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the ConfigMap, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain the - '..' path or start with '..'. + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + ConfigMap will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. items: description: Maps a string key to a path within a volume. @@ -6966,25 +7016,21 @@ spec: description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. type: string required: - key @@ -6992,10 +7038,10 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap @@ -7034,17 +7080,13 @@ spec: type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be - an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML - accepts both octal and decimal values, - JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' + description: |- + Optional: mode bits used to set permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: @@ -7056,10 +7098,9 @@ spec: with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu - and requests.memory) are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. properties: containerName: description: 'Container name: required @@ -7092,17 +7133,14 @@ spec: to project properties: items: - description: items if unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the Secret, the volume setup - will error unless it is marked optional. Paths - must be relative and may not contain the '..' - path or start with '..'. + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + Secret will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the Secret, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. items: description: Maps a string key to a path within a volume. @@ -7111,25 +7149,21 @@ spec: description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. type: string required: - key @@ -7137,10 +7171,10 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional field specify whether the @@ -7153,29 +7187,26 @@ spec: the serviceAccountToken data to project properties: audience: - description: audience is the intended audience - of the token. A recipient of a token must identify - itself with an identifier specified in the audience - of the token, and otherwise should reject the - token. The audience defaults to the identifier - of the apiserver. + description: |- + audience is the intended audience of the token. A recipient of a token + must identify itself with an identifier specified in the audience of the + token, and otherwise should reject the token. The audience defaults to the + identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the requested - duration of validity of the service account - token. As the token approaches expiration, the - kubelet volume plugin will proactively rotate - the service account token. The kubelet will - start trying to rotate the token if the token - is older than 80 percent of its time to live - or if the token is older than 24 hours.Defaults - to 1 hour and must be at least 10 minutes. + description: |- + expirationSeconds is the requested duration of validity of the service + account token. As the token approaches expiration, the kubelet volume + plugin will proactively rotate the service account token. The kubelet will + start trying to rotate the token if the token is older than 80 percent of + its time to live or if the token is older than 24 hours.Defaults to 1 hour + and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative to the - mount point of the file to project the token - into. + description: |- + path is the path relative to the mount point of the file to project the + token into. type: string required: - path @@ -7188,28 +7219,30 @@ spec: that shares a pod's lifetime properties: group: - description: group to map volume access to Default is no - group + description: |- + group to map volume access to + Default is no group type: string readOnly: - description: readOnly here will force the Quobyte volume - to be mounted with read-only permissions. Defaults to - false. + description: |- + readOnly here will force the Quobyte volume to be mounted with read-only permissions. + Defaults to false. type: boolean registry: - description: registry represents a single or multiple Quobyte - Registry services specified as a string as host:port pair - (multiple entries are separated with commas) which acts - as the central registry for volumes + description: |- + registry represents a single or multiple Quobyte Registry services + specified as a string as host:port pair (multiple entries are separated with commas) + which acts as the central registry for volumes type: string tenant: - description: tenant owning the given Quobyte volume in the - Backend Used with dynamically provisioned Quobyte volumes, - value is set by the plugin + description: |- + tenant owning the given Quobyte volume in the Backend + Used with dynamically provisioned Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults to serivceaccount - user + description: |- + user to map volume access to + Defaults to serivceaccount user type: string volume: description: volume is a string that references an already @@ -7220,54 +7253,68 @@ spec: - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount on the - host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' + description: |- + rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + More info: https://examples.k8s.io/volumes/rbd/README.md properties: fsType: - description: 'fsType is the filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem from - compromising the machine' + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising the machine type: string image: - description: 'image is the rados image name. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + image is the rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string keyring: - description: 'keyring is the path to key ring for RBDUser. - Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it items: type: string type: array pool: - description: 'pool is the rados pool name. Default is rbd. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + pool is the rados pool name. + Default is rbd. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string readOnly: - description: 'readOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: boolean secretRef: - description: 'secretRef is name of the authentication secret - for RBDUser. If provided overrides keyring. Default is - nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + secretRef is name of the authentication secret for RBDUser. If provided + overrides keyring. + Default is nil. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default is admin. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + user is the rados user name. + Default is admin. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string required: - image @@ -7278,9 +7325,11 @@ spec: attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Default is "xfs". + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". + Default is "xfs". type: string gateway: description: gateway is the host address of the ScaleIO @@ -7291,17 +7340,20 @@ spec: Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. + description: |- + readOnly Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret for ScaleIO - user and other sensitive information. If this is not provided, - Login operation will fail. + description: |- + secretRef references to the secret for ScaleIO user and other + sensitive information. If this is not provided, Login operation will fail. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7310,8 +7362,8 @@ spec: with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage for - a volume should be ThickProvisioned or ThinProvisioned. + description: |- + storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. type: string storagePool: @@ -7323,9 +7375,9 @@ spec: configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume already - created in the ScaleIO system that is associated with - this volume source. + description: |- + volumeName is the name of a volume already created in the ScaleIO system + that is associated with this volume source. type: string required: - gateway @@ -7333,31 +7385,30 @@ spec: - system type: object secret: - description: 'secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + description: |- + secret represents a secret that should populate this volume. + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret properties: defaultMode: - description: 'defaultMode is Optional: mode bits used to - set permissions on created files by default. Must be an - octal value between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. Defaults to - 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' + description: |- + defaultMode is Optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values + for mode bits. Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer items: - description: items If unspecified, each key-value pair in - the Data field of the referenced Secret will be projected - into the volume as a file whose name is the key and content - is the value. If specified, the listed keys will be projected - into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in - the Secret, the volume setup will error unless it is marked - optional. Paths must be relative and may not contain the - '..' path or start with '..'. + description: |- + items If unspecified, each key-value pair in the Data field of the referenced + Secret will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the Secret, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. items: description: Maps a string key to a path within a volume. properties: @@ -7365,22 +7416,21 @@ spec: description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used to - set permissions on this file. Must be an octal value - between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. If not - specified, the volume defaultMode will be used. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. format: int32 type: integer path: - description: path is the relative path of the file - to map the key to. May not be an absolute path. - May not contain the path element '..'. May not start - with the string '..'. + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. type: string required: - key @@ -7392,8 +7442,9 @@ spec: its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret in the - pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + description: |- + secretName is the name of the secret in the pod's namespace to use. + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret type: string type: object storageos: @@ -7401,40 +7452,42 @@ spec: and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. Must - be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use for obtaining - the StorageOS API credentials. If not specified, default - values will be attempted. + description: |- + secretRef specifies the secret to use for obtaining the StorageOS API + credentials. If not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name of the - StorageOS volume. Volume names are only unique within - a namespace. + description: |- + volumeName is the human-readable name of the StorageOS volume. Volume + names are only unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope of the - volume within StorageOS. If no namespace is specified - then the Pod's namespace will be used. This allows the - Kubernetes name scoping to be mirrored within StorageOS - for tighter integration. Set VolumeName to any name to - override the default behaviour. Set to "default" if you - are not using namespaces within StorageOS. Namespaces - that do not pre-exist within StorageOS will be created. + description: |- + volumeNamespace specifies the scope of the volume within StorageOS. If no + namespace is specified then the Pod's namespace will be used. This allows the + Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + Set VolumeName to any name to override the default behaviour. + Set to "default" if you are not using namespaces within StorageOS. + Namespaces that do not pre-exist within StorageOS will be created. type: string type: object vsphereVolume: @@ -7442,10 +7495,10 @@ spec: and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. Must be - a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. + description: |- + fsType is filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string storagePolicyID: description: storagePolicyID is the storage Policy Based @@ -7470,9 +7523,9 @@ spec: description: Defines the web command line flags when starting Alertmanager. properties: getConcurrency: - description: Maximum number of GET requests processed concurrently. - This corresponds to the Alertmanager's `--web.get-concurrency` - flag. + description: |- + Maximum number of GET requests processed concurrently. This corresponds to the + Alertmanager's `--web.get-concurrency` flag. format: int32 type: integer httpConfig: @@ -7482,27 +7535,31 @@ spec: description: List of headers that can be added to HTTP responses. properties: contentSecurityPolicy: - description: Set the Content-Security-Policy header to - HTTP responses. Unset if blank. + description: |- + Set the Content-Security-Policy header to HTTP responses. + Unset if blank. type: string strictTransportSecurity: - description: Set the Strict-Transport-Security header - to HTTP responses. Unset if blank. Please make sure - that you use this with care as this header might force - browsers to load Prometheus and the other applications - hosted on the same domain and subdomains over HTTPS. + description: |- + Set the Strict-Transport-Security header to HTTP responses. + Unset if blank. + Please make sure that you use this with care as this header might force + browsers to load Prometheus and the other applications hosted on the same + domain and subdomains over HTTPS. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security type: string xContentTypeOptions: - description: Set the X-Content-Type-Options header to - HTTP responses. Unset if blank. Accepted value is nosniff. + description: |- + Set the X-Content-Type-Options header to HTTP responses. + Unset if blank. Accepted value is nosniff. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options enum: - "" - NoSniff type: string xFrameOptions: - description: Set the X-Frame-Options header to HTTP responses. + description: |- + Set the X-Frame-Options header to HTTP responses. Unset if blank. Accepted values are deny and sameorigin. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options enum: @@ -7511,20 +7568,23 @@ spec: - SameOrigin type: string xXSSProtection: - description: Set the X-XSS-Protection header to all responses. - Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection + description: |- + Set the X-XSS-Protection header to all responses. + Unset if blank. + https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection type: string type: object http2: - description: Enable HTTP/2 support. Note that HTTP/2 is only - supported with TLS. When TLSConfig is not configured, HTTP/2 - will be disabled. Whenever the value of the field changes, - a rolling update will be triggered. + description: |- + Enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. + When TLSConfig is not configured, HTTP/2 will be disabled. + Whenever the value of the field changes, a rolling update will be triggered. type: boolean type: object timeout: - description: Timeout for HTTP requests. This corresponds to the - Alertmanager's `--web.timeout` flag. + description: |- + Timeout for HTTP requests. This corresponds to the Alertmanager's + `--web.timeout` flag. format: int32 type: integer tlsConfig: @@ -7541,9 +7601,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -7561,9 +7622,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -7575,10 +7637,10 @@ spec: x-kubernetes-map-type: atomic type: object cipherSuites: - description: 'List of supported cipher suites for TLS versions - up to TLS 1.2. If empty, Go default cipher suites are used. - Available cipher suites are documented in the go documentation: - https://golang.org/pkg/crypto/tls/#pkg-constants' + description: |- + List of supported cipher suites for TLS versions up to TLS 1.2. If empty, + Go default cipher suites are used. Available cipher suites are documented + in the go documentation: https://golang.org/pkg/crypto/tls/#pkg-constants items: type: string type: array @@ -7594,9 +7656,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -7614,9 +7677,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -7628,14 +7692,16 @@ spec: x-kubernetes-map-type: atomic type: object clientAuthType: - description: 'Server policy for client authentication. Maps - to ClientAuth Policies. For more detail on clientAuth options: - https://golang.org/pkg/crypto/tls/#ClientAuthType' + description: |- + Server policy for client authentication. Maps to ClientAuth Policies. + For more detail on clientAuth options: + https://golang.org/pkg/crypto/tls/#ClientAuthType type: string curvePreferences: - description: 'Elliptic curves that will be used in an ECDHE - handshake, in preference order. Available curves are documented - in the go documentation: https://golang.org/pkg/crypto/tls/#CurveID' + description: |- + Elliptic curves that will be used in an ECDHE handshake, in preference + order. Available curves are documented in the go documentation: + https://golang.org/pkg/crypto/tls/#CurveID items: type: string type: array @@ -7647,8 +7713,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -7667,10 +7735,11 @@ spec: to TLS12. type: string preferServerCipherSuites: - description: Controls whether the server selects the client's - most preferred cipher suite, or the server's most preferred - cipher suite. If true then the server's preference, as expressed - in the order of elements in cipherSuites, is used. + description: |- + Controls whether the server selects the + client's most preferred cipher suite, or the server's most preferred + cipher suite. If true then the server's preference, as expressed in + the order of elements in cipherSuites, is used. type: boolean required: - cert @@ -7679,19 +7748,23 @@ spec: type: object type: object status: - description: 'Most recent observed status of the Alertmanager cluster. - Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + description: |- + Most recent observed status of the Alertmanager cluster. Read-only. + More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: availableReplicas: - description: Total number of available pods (ready for at least minReadySeconds) + description: |- + Total number of available pods (ready for at least minReadySeconds) targeted by this Alertmanager cluster. format: int32 type: integer conditions: description: The current state of the Alertmanager object. items: - description: Condition represents the state of the resources associated - with the Prometheus, Alertmanager or ThanosRuler resource. + description: |- + Condition represents the state of the resources associated with the + Prometheus, Alertmanager or ThanosRuler resource. properties: lastTransitionTime: description: lastTransitionTime is the time of the last update @@ -7703,11 +7776,12 @@ spec: condition's last transition. type: string observedGeneration: - description: ObservedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if `.metadata.generation` - is currently 12, but the `.status.conditions[].observedGeneration` - is 9, the condition is out of date with respect to the current - state of the instance. + description: |- + ObservedGeneration represents the .metadata.generation that the + condition was set based upon. For instance, if `.metadata.generation` is + currently 12, but the `.status.conditions[].observedGeneration` is 9, the + condition is out of date with respect to the current state of the + instance. format: int64 type: integer reason: @@ -7729,12 +7803,14 @@ spec: - type x-kubernetes-list-type: map paused: - description: Represents whether any actions on the underlying managed - objects are being performed. Only delete actions will be performed. + description: |- + Represents whether any actions on the underlying managed objects are + being performed. Only delete actions will be performed. type: boolean replicas: - description: Total number of non-terminated pods targeted by this - Alertmanager object (their labels match the selector). + description: |- + Total number of non-terminated pods targeted by this Alertmanager + object (their labels match the selector). format: int32 type: integer unavailableReplicas: @@ -7743,8 +7819,9 @@ spec: format: int32 type: integer updatedReplicas: - description: Total number of non-terminated pods targeted by this - Alertmanager object that have the desired version spec. + description: |- + Total number of non-terminated pods targeted by this Alertmanager + object that have the desired version spec. format: int32 type: integer required: diff --git a/bitnami/kube-prometheus/crds/crd-podmonitors.yaml b/bitnami/kube-prometheus/crds/crd-podmonitors.yaml index 651f972ee8b028..5fe4899835911b 100644 --- a/bitnami/kube-prometheus/crds/crd-podmonitors.yaml +++ b/bitnami/kube-prometheus/crds/crd-podmonitors.yaml @@ -1,12 +1,12 @@ # Source: https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v{version}/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml -# Version: 0.73.2 +# Version: 0.74.0 --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - operator.prometheus.io/version: 0.73.2 + controller-gen.kubebuilder.io/version: v0.14.0 + operator.prometheus.io/version: 0.74.0 name: podmonitors.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -27,14 +27,19 @@ spec: description: PodMonitor defines monitoring for a set of pods. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -43,58 +48,85 @@ spec: by Prometheus. properties: attachMetadata: - description: "`attachMetadata` defines additional metadata which is - added to the discovered targets. \n It requires Prometheus >= v2.37.0." + description: |- + `attachMetadata` defines additional metadata which is added to the + discovered targets. + + + It requires Prometheus >= v2.37.0. properties: node: - description: When set to true, Prometheus must have the `get` - permission on the `Nodes` objects. + description: |- + When set to true, Prometheus must have the `get` permission on the + `Nodes` objects. type: boolean type: object bodySizeLimit: - description: "When defined, bodySizeLimit specifies a job level limit - on the size of uncompressed response body that will be accepted - by Prometheus. \n It requires Prometheus >= v2.28.0." + description: |- + When defined, bodySizeLimit specifies a job level limit on the size + of uncompressed response body that will be accepted by Prometheus. + + + It requires Prometheus >= v2.28.0. pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$ type: string jobLabel: - description: "The label to use to retrieve the job name from. `jobLabel` - selects the label from the associated Kubernetes `Pod` object which - will be used as the `job` label for all metrics. \n For example - if `jobLabel` is set to `foo` and the Kubernetes `Pod` object is - labeled with `foo: bar`, then Prometheus adds the `job=\"bar\"` - label to all ingested metrics. \n If the value of this field is - empty, the `job` label of the metrics defaults to the namespace - and name of the PodMonitor object (e.g. `/`)." + description: |- + The label to use to retrieve the job name from. + `jobLabel` selects the label from the associated Kubernetes `Pod` + object which will be used as the `job` label for all metrics. + + + For example if `jobLabel` is set to `foo` and the Kubernetes `Pod` + object is labeled with `foo: bar`, then Prometheus adds the `job="bar"` + label to all ingested metrics. + + + If the value of this field is empty, the `job` label of the metrics + defaults to the namespace and name of the PodMonitor object (e.g. `/`). type: string keepDroppedTargets: - description: "Per-scrape limit on the number of targets dropped by - relabeling that will be kept in memory. 0 means no limit. \n It - requires Prometheus >= v2.47.0." + description: |- + Per-scrape limit on the number of targets dropped by relabeling + that will be kept in memory. 0 means no limit. + + + It requires Prometheus >= v2.47.0. format: int64 type: integer labelLimit: - description: "Per-scrape limit on number of labels that will be accepted - for a sample. \n It requires Prometheus >= v2.27.0." + description: |- + Per-scrape limit on number of labels that will be accepted for a sample. + + + It requires Prometheus >= v2.27.0. format: int64 type: integer labelNameLengthLimit: - description: "Per-scrape limit on length of labels name that will - be accepted for a sample. \n It requires Prometheus >= v2.27.0." + description: |- + Per-scrape limit on length of labels name that will be accepted for a sample. + + + It requires Prometheus >= v2.27.0. format: int64 type: integer labelValueLengthLimit: - description: "Per-scrape limit on length of labels value that will - be accepted for a sample. \n It requires Prometheus >= v2.27.0." + description: |- + Per-scrape limit on length of labels value that will be accepted for a sample. + + + It requires Prometheus >= v2.27.0. format: int64 type: integer namespaceSelector: - description: Selector to select which namespaces the Kubernetes `Pods` - objects are discovered from. + description: |- + Selector to select which namespaces the Kubernetes `Pods` objects + are discovered from. properties: any: - description: Boolean describing whether all namespaces are selected - in contrast to a list restricting them. + description: |- + Boolean describing whether all namespaces are selected in contrast to a + list restricting them. type: boolean matchNames: description: List of namespace names to select from. @@ -105,13 +137,17 @@ spec: podMetricsEndpoints: description: List of endpoints part of this PodMonitor. items: - description: PodMetricsEndpoint defines an endpoint serving Prometheus - metrics to be scraped by Prometheus. + description: |- + PodMetricsEndpoint defines an endpoint serving Prometheus metrics to be scraped by + Prometheus. properties: authorization: - description: "`authorization` configures the Authorization header - credentials to use when scraping the target. \n Cannot be - set at the same time as `basicAuth`, or `oauth2`." + description: |- + `authorization` configures the Authorization header credentials to use when + scraping the target. + + + Cannot be set at the same time as `basicAuth`, or `oauth2`. properties: credentials: description: Selects a key of a Secret in the namespace @@ -122,8 +158,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -134,27 +172,38 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: "Defines the authentication type. The value - is case-insensitive. \n \"Basic\" is not a supported value. - \n Default: \"Bearer\"" + description: |- + Defines the authentication type. The value is case-insensitive. + + + "Basic" is not a supported value. + + + Default: "Bearer" type: string type: object basicAuth: - description: "`basicAuth` configures the Basic Authentication - credentials to use when scraping the target. \n Cannot be - set at the same time as `authorization`, or `oauth2`." + description: |- + `basicAuth` configures the Basic Authentication credentials to use when + scraping the target. + + + Cannot be set at the same time as `authorization`, or `oauth2`. properties: password: - description: '`password` specifies a key of a Secret containing - the password for authentication.' + description: |- + `password` specifies a key of a Secret containing the password for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -165,16 +214,19 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: '`username` specifies a key of a Secret containing - the username for authentication.' + description: |- + `username` specifies a key of a Secret containing the username for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -186,19 +238,23 @@ spec: x-kubernetes-map-type: atomic type: object bearerTokenSecret: - description: "`bearerTokenSecret` specifies a key of a Secret - containing the bearer token for scraping targets. The secret - needs to be in the same namespace as the PodMonitor object - and readable by the Prometheus Operator. \n Deprecated: use - `authorization` instead." + description: |- + `bearerTokenSecret` specifies a key of a Secret containing the bearer + token for scraping targets. The secret needs to be in the same namespace + as the PodMonitor object and readable by the Prometheus Operator. + + + Deprecated: use `authorization` instead. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -213,43 +269,62 @@ spec: scraping the target.' type: boolean filterRunning: - description: "When true, the pods which are not running (e.g. - either in Failed or Succeeded state) are dropped during the - target discovery. \n If unset, the filtering is enabled. \n - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase" + description: |- + When true, the pods which are not running (e.g. either in Failed or + Succeeded state) are dropped during the target discovery. + + + If unset, the filtering is enabled. + + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase type: boolean followRedirects: - description: '`followRedirects` defines whether the scrape requests - should follow HTTP 3xx redirects.' + description: |- + `followRedirects` defines whether the scrape requests should follow HTTP + 3xx redirects. type: boolean honorLabels: - description: When true, `honorLabels` preserves the metric's - labels when they collide with the target's labels. + description: |- + When true, `honorLabels` preserves the metric's labels when they collide + with the target's labels. type: boolean honorTimestamps: - description: '`honorTimestamps` controls whether Prometheus - preserves the timestamps when exposed by the target.' + description: |- + `honorTimestamps` controls whether Prometheus preserves the timestamps + when exposed by the target. type: boolean interval: - description: "Interval at which Prometheus scrapes the metrics - from the target. \n If empty, Prometheus uses the global scrape - interval." + description: |- + Interval at which Prometheus scrapes the metrics from the target. + + + If empty, Prometheus uses the global scrape interval. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string metricRelabelings: - description: '`metricRelabelings` configures the relabeling - rules to apply to the samples before ingestion.' + description: |- + `metricRelabelings` configures the relabeling rules to apply to the + samples before ingestion. items: - description: "RelabelConfig allows dynamic rewriting of the - label set for targets, alerts, scraped samples and remote - write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + description: |- + RelabelConfig allows dynamic rewriting of the label set for targets, alerts, + scraped samples and remote write samples. + + + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config properties: action: default: replace - description: "Action to perform based on the regex matching. - \n `Uppercase` and `Lowercase` actions require Prometheus - >= v2.36.0. `DropEqual` and `KeepEqual` actions require - Prometheus >= v2.41.0. \n Default: \"Replace\"" + description: |- + Action to perform based on the regex matching. + + + `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. + `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. + + + Default: "Replace" enum: - replace - Replace @@ -275,9 +350,11 @@ spec: - DropEqual type: string modulus: - description: "Modulus to take of the hash of the source - label values. \n Only applicable when the action is - `HashMod`." + description: |- + Modulus to take of the hash of the source label values. + + + Only applicable when the action is `HashMod`. format: int64 type: integer regex: @@ -285,42 +362,56 @@ spec: value is matched. type: string replacement: - description: "Replacement value against which a Replace - action is performed if the regular expression matches. - \n Regex capture groups are available." + description: |- + Replacement value against which a Replace action is performed if the + regular expression matches. + + + Regex capture groups are available. type: string separator: description: Separator is the string between concatenated SourceLabels. type: string sourceLabels: - description: The source labels select values from existing - labels. Their content is concatenated using the configured - Separator and matched against the configured regular - expression. + description: |- + The source labels select values from existing labels. Their content is + concatenated using the configured Separator and matched against the + configured regular expression. items: - description: LabelName is a valid Prometheus label name - which may only contain ASCII letters, numbers, as - well as underscores. + description: |- + LabelName is a valid Prometheus label name which may only contain ASCII + letters, numbers, as well as underscores. pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ type: string type: array targetLabel: - description: "Label to which the resulting string is written - in a replacement. \n It is mandatory for `Replace`, - `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and - `DropEqual` actions. \n Regex capture groups are available." + description: |- + Label to which the resulting string is written in a replacement. + + + It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, + `KeepEqual` and `DropEqual` actions. + + + Regex capture groups are available. type: string type: object type: array oauth2: - description: "`oauth2` configures the OAuth2 settings to use - when scraping the target. \n It requires Prometheus >= 2.27.0. - \n Cannot be set at the same time as `authorization`, or `basicAuth`." + description: |- + `oauth2` configures the OAuth2 settings to use when scraping the target. + + + It requires Prometheus >= 2.27.0. + + + Cannot be set at the same time as `authorization`, or `basicAuth`. properties: clientId: - description: '`clientId` specifies a key of a Secret or - ConfigMap containing the OAuth2 client''s ID.' + description: |- + `clientId` specifies a key of a Secret or ConfigMap containing the + OAuth2 client's ID. properties: configMap: description: ConfigMap containing data to use for the @@ -330,9 +421,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -350,9 +442,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -364,16 +457,19 @@ spec: x-kubernetes-map-type: atomic type: object clientSecret: - description: '`clientSecret` specifies a key of a Secret - containing the OAuth2 client''s secret.' + description: |- + `clientSecret` specifies a key of a Secret containing the OAuth2 + client's secret. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -386,8 +482,9 @@ spec: endpointParams: additionalProperties: type: string - description: '`endpointParams` configures the HTTP parameters - to append to the token URL.' + description: |- + `endpointParams` configures the HTTP parameters to append to the token + URL. type: object scopes: description: '`scopes` defines the OAuth2 scopes used for @@ -413,35 +510,56 @@ spec: description: '`params` define optional HTTP URL parameters.' type: object path: - description: "HTTP path from which to scrape for metrics. \n - If empty, Prometheus uses the default value (e.g. `/metrics`)." + description: |- + HTTP path from which to scrape for metrics. + + + If empty, Prometheus uses the default value (e.g. `/metrics`). type: string port: - description: "Name of the Pod port which this endpoint refers - to. \n It takes precedence over `targetPort`." + description: |- + Name of the Pod port which this endpoint refers to. + + + It takes precedence over `targetPort`. type: string proxyUrl: - description: '`proxyURL` configures the HTTP Proxy URL (e.g. - "http://proxyserver:2195") to go through when scraping the - target.' + description: |- + `proxyURL` configures the HTTP Proxy URL (e.g. + "http://proxyserver:2195") to go through when scraping the target. type: string relabelings: - description: "`relabelings` configures the relabeling rules - to apply the target's metadata labels. \n The Operator automatically - adds relabelings for a few standard Kubernetes fields. \n - The original scrape job's name is available via the `__tmp_prometheus_job_name` - label. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + description: |- + `relabelings` configures the relabeling rules to apply the target's + metadata labels. + + + The Operator automatically adds relabelings for a few standard Kubernetes fields. + + + The original scrape job's name is available via the `__tmp_prometheus_job_name` label. + + + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config items: - description: "RelabelConfig allows dynamic rewriting of the - label set for targets, alerts, scraped samples and remote - write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + description: |- + RelabelConfig allows dynamic rewriting of the label set for targets, alerts, + scraped samples and remote write samples. + + + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config properties: action: default: replace - description: "Action to perform based on the regex matching. - \n `Uppercase` and `Lowercase` actions require Prometheus - >= v2.36.0. `DropEqual` and `KeepEqual` actions require - Prometheus >= v2.41.0. \n Default: \"Replace\"" + description: |- + Action to perform based on the regex matching. + + + `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. + `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. + + + Default: "Replace" enum: - replace - Replace @@ -467,9 +585,11 @@ spec: - DropEqual type: string modulus: - description: "Modulus to take of the hash of the source - label values. \n Only applicable when the action is - `HashMod`." + description: |- + Modulus to take of the hash of the source label values. + + + Only applicable when the action is `HashMod`. format: int64 type: integer regex: @@ -477,57 +597,75 @@ spec: value is matched. type: string replacement: - description: "Replacement value against which a Replace - action is performed if the regular expression matches. - \n Regex capture groups are available." + description: |- + Replacement value against which a Replace action is performed if the + regular expression matches. + + + Regex capture groups are available. type: string separator: description: Separator is the string between concatenated SourceLabels. type: string sourceLabels: - description: The source labels select values from existing - labels. Their content is concatenated using the configured - Separator and matched against the configured regular - expression. + description: |- + The source labels select values from existing labels. Their content is + concatenated using the configured Separator and matched against the + configured regular expression. items: - description: LabelName is a valid Prometheus label name - which may only contain ASCII letters, numbers, as - well as underscores. + description: |- + LabelName is a valid Prometheus label name which may only contain ASCII + letters, numbers, as well as underscores. pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ type: string type: array targetLabel: - description: "Label to which the resulting string is written - in a replacement. \n It is mandatory for `Replace`, - `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and - `DropEqual` actions. \n Regex capture groups are available." + description: |- + Label to which the resulting string is written in a replacement. + + + It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, + `KeepEqual` and `DropEqual` actions. + + + Regex capture groups are available. type: string type: object type: array scheme: - description: "HTTP scheme to use for scraping. \n `http` and - `https` are the expected values unless you rewrite the `__scheme__` - label via relabeling. \n If empty, Prometheus uses the default - value `http`." + description: |- + HTTP scheme to use for scraping. + + + `http` and `https` are the expected values unless you rewrite the + `__scheme__` label via relabeling. + + + If empty, Prometheus uses the default value `http`. enum: - http - https type: string scrapeTimeout: - description: "Timeout after which Prometheus considers the scrape - to be failed. \n If empty, Prometheus uses the global scrape - timeout unless it is less than the target's scrape interval - value in which the latter is used." + description: |- + Timeout after which Prometheus considers the scrape to be failed. + + + If empty, Prometheus uses the global scrape timeout unless it is less + than the target's scrape interval value in which the latter is used. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string targetPort: anyOf: - type: integer - type: string - description: "Name or number of the target port of the `Pod` - object behind the Service, the port must be specified with - container port property. \n Deprecated: use 'port' instead." + description: |- + Name or number of the target port of the `Pod` object behind the Service, the + port must be specified with container port property. + + + Deprecated: use 'port' instead. x-kubernetes-int-or-string: true tlsConfig: description: TLS configuration to use when scraping the target. @@ -544,9 +682,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -564,9 +703,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -588,9 +728,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -608,9 +749,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -633,8 +775,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -649,22 +793,27 @@ spec: type: string type: object trackTimestampsStaleness: - description: "`trackTimestampsStaleness` defines whether Prometheus - tracks staleness of the metrics that have an explicit timestamp - present in scraped data. Has no effect if `honorTimestamps` - is false. \n It requires Prometheus >= v2.48.0." + description: |- + `trackTimestampsStaleness` defines whether Prometheus tracks staleness of + the metrics that have an explicit timestamp present in scraped data. + Has no effect if `honorTimestamps` is false. + + + It requires Prometheus >= v2.48.0. type: boolean type: object type: array podTargetLabels: - description: '`podTargetLabels` defines the labels which are transferred - from the associated Kubernetes `Pod` object onto the ingested metrics.' + description: |- + `podTargetLabels` defines the labels which are transferred from the + associated Kubernetes `Pod` object onto the ingested metrics. items: type: string type: array sampleLimit: - description: '`sampleLimit` defines a per-scrape limit on the number - of scraped samples that will be accepted.' + description: |- + `sampleLimit` defines a per-scrape limit on the number of scraped samples + that will be accepted. format: int64 type: integer scrapeClass: @@ -672,15 +821,23 @@ spec: minLength: 1 type: string scrapeProtocols: - description: "`scrapeProtocols` defines the protocols to negotiate - during a scrape. It tells clients the protocols supported by Prometheus - in order of preference (from most to least preferred). \n If unset, - Prometheus uses its default value. \n It requires Prometheus >= - v2.49.0." + description: |- + `scrapeProtocols` defines the protocols to negotiate during a scrape. It tells clients the + protocols supported by Prometheus in order of preference (from most to least preferred). + + + If unset, Prometheus uses its default value. + + + It requires Prometheus >= v2.49.0. items: - description: 'ScrapeProtocol represents a protocol used by Prometheus - for scraping metrics. Supported values are: * `OpenMetricsText0.0.1` - * `OpenMetricsText1.0.0` * `PrometheusProto` * `PrometheusText0.0.4`' + description: |- + ScrapeProtocol represents a protocol used by Prometheus for scraping metrics. + Supported values are: + * `OpenMetricsText0.0.1` + * `OpenMetricsText1.0.0` + * `PrometheusProto` + * `PrometheusText0.0.4` enum: - PrometheusProto - OpenMetricsText0.0.1 @@ -696,24 +853,24 @@ spec: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string @@ -726,17 +883,17 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic targetLimit: - description: '`targetLimit` defines a limit on the number of scraped - targets that will be accepted.' + description: |- + `targetLimit` defines a limit on the number of scraped targets that will + be accepted. format: int64 type: integer required: diff --git a/bitnami/kube-prometheus/crds/crd-probes.yaml b/bitnami/kube-prometheus/crds/crd-probes.yaml index fba874d124c49e..7c5c306ffc8779 100644 --- a/bitnami/kube-prometheus/crds/crd-probes.yaml +++ b/bitnami/kube-prometheus/crds/crd-probes.yaml @@ -1,12 +1,12 @@ # Source: https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v{version}/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml -# Version: 0.73.2 +# Version: 0.74.0 --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - operator.prometheus.io/version: 0.73.2 + controller-gen.kubebuilder.io/version: v0.14.0 + operator.prometheus.io/version: 0.74.0 name: probes.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -27,14 +27,19 @@ spec: description: Probe defines monitoring for a set of static targets or ingresses. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -54,8 +59,10 @@ spec: a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be @@ -66,25 +73,35 @@ spec: type: object x-kubernetes-map-type: atomic type: - description: "Defines the authentication type. The value is case-insensitive. - \n \"Basic\" is not a supported value. \n Default: \"Bearer\"" + description: |- + Defines the authentication type. The value is case-insensitive. + + + "Basic" is not a supported value. + + + Default: "Bearer" type: string type: object basicAuth: - description: 'BasicAuth allow an endpoint to authenticate over basic - authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint' + description: |- + BasicAuth allow an endpoint to authenticate over basic authentication. + More info: https://prometheus.io/docs/operating/configuration/#endpoint properties: password: - description: '`password` specifies a key of a Secret containing - the password for authentication.' + description: |- + `password` specifies a key of a Secret containing the password for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be @@ -95,16 +112,19 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: '`username` specifies a key of a Secret containing - the username for authentication.' + description: |- + `username` specifies a key of a Secret containing the username for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be @@ -116,17 +136,20 @@ spec: x-kubernetes-map-type: atomic type: object bearerTokenSecret: - description: Secret to mount to read bearer token for scraping targets. - The secret needs to be in the same namespace as the probe and accessible - by the Prometheus Operator. + description: |- + Secret to mount to read bearer token for scraping targets. The secret + needs to be in the same namespace as the probe and accessible by + the Prometheus Operator. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -136,49 +159,62 @@ spec: type: object x-kubernetes-map-type: atomic interval: - description: Interval at which targets are probed using the configured - prober. If not specified Prometheus' global scrape interval is used. + description: |- + Interval at which targets are probed using the configured prober. + If not specified Prometheus' global scrape interval is used. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string jobName: description: The job name assigned to scraped metrics by default. type: string keepDroppedTargets: - description: "Per-scrape limit on the number of targets dropped by - relabeling that will be kept in memory. 0 means no limit. \n It - requires Prometheus >= v2.47.0." + description: |- + Per-scrape limit on the number of targets dropped by relabeling + that will be kept in memory. 0 means no limit. + + + It requires Prometheus >= v2.47.0. format: int64 type: integer labelLimit: - description: Per-scrape limit on number of labels that will be accepted - for a sample. Only valid in Prometheus versions 2.27.0 and newer. + description: |- + Per-scrape limit on number of labels that will be accepted for a sample. + Only valid in Prometheus versions 2.27.0 and newer. format: int64 type: integer labelNameLengthLimit: - description: Per-scrape limit on length of labels name that will be - accepted for a sample. Only valid in Prometheus versions 2.27.0 - and newer. + description: |- + Per-scrape limit on length of labels name that will be accepted for a sample. + Only valid in Prometheus versions 2.27.0 and newer. format: int64 type: integer labelValueLengthLimit: - description: Per-scrape limit on length of labels value that will - be accepted for a sample. Only valid in Prometheus versions 2.27.0 - and newer. + description: |- + Per-scrape limit on length of labels value that will be accepted for a sample. + Only valid in Prometheus versions 2.27.0 and newer. format: int64 type: integer metricRelabelings: description: MetricRelabelConfigs to apply to samples before ingestion. items: - description: "RelabelConfig allows dynamic rewriting of the label - set for targets, alerts, scraped samples and remote write samples. - \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + description: |- + RelabelConfig allows dynamic rewriting of the label set for targets, alerts, + scraped samples and remote write samples. + + + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config properties: action: default: replace - description: "Action to perform based on the regex matching. - \n `Uppercase` and `Lowercase` actions require Prometheus - >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus - >= v2.41.0. \n Default: \"Replace\"" + description: |- + Action to perform based on the regex matching. + + + `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. + `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. + + + Default: "Replace" enum: - replace - Replace @@ -204,8 +240,11 @@ spec: - DropEqual type: string modulus: - description: "Modulus to take of the hash of the source label - values. \n Only applicable when the action is `HashMod`." + description: |- + Modulus to take of the hash of the source label values. + + + Only applicable when the action is `HashMod`. format: int64 type: integer regex: @@ -213,43 +252,55 @@ spec: value is matched. type: string replacement: - description: "Replacement value against which a Replace action - is performed if the regular expression matches. \n Regex capture - groups are available." + description: |- + Replacement value against which a Replace action is performed if the + regular expression matches. + + + Regex capture groups are available. type: string separator: description: Separator is the string between concatenated SourceLabels. type: string sourceLabels: - description: The source labels select values from existing labels. - Their content is concatenated using the configured Separator - and matched against the configured regular expression. + description: |- + The source labels select values from existing labels. Their content is + concatenated using the configured Separator and matched against the + configured regular expression. items: - description: LabelName is a valid Prometheus label name which - may only contain ASCII letters, numbers, as well as underscores. + description: |- + LabelName is a valid Prometheus label name which may only contain ASCII + letters, numbers, as well as underscores. pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ type: string type: array targetLabel: - description: "Label to which the resulting string is written - in a replacement. \n It is mandatory for `Replace`, `HashMod`, - `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. - \n Regex capture groups are available." + description: |- + Label to which the resulting string is written in a replacement. + + + It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, + `KeepEqual` and `DropEqual` actions. + + + Regex capture groups are available. type: string type: object type: array module: - description: 'The module to use for probing specifying how to probe - the target. Example module configuring in the blackbox exporter: - https://github.com/prometheus/blackbox_exporter/blob/master/example.yml' + description: |- + The module to use for probing specifying how to probe the target. + Example module configuring in the blackbox exporter: + https://github.com/prometheus/blackbox_exporter/blob/master/example.yml type: string oauth2: description: OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer. properties: clientId: - description: '`clientId` specifies a key of a Secret or ConfigMap - containing the OAuth2 client''s ID.' + description: |- + `clientId` specifies a key of a Secret or ConfigMap containing the + OAuth2 client's ID. properties: configMap: description: ConfigMap containing data to use for the targets. @@ -258,8 +309,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its key @@ -277,8 +330,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -290,16 +345,19 @@ spec: x-kubernetes-map-type: atomic type: object clientSecret: - description: '`clientSecret` specifies a key of a Secret containing - the OAuth2 client''s secret.' + description: |- + `clientSecret` specifies a key of a Secret containing the OAuth2 + client's secret. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be @@ -312,8 +370,9 @@ spec: endpointParams: additionalProperties: type: string - description: '`endpointParams` configures the HTTP parameters - to append to the token URL.' + description: |- + `endpointParams` configures the HTTP parameters to append to the token + URL. type: object scopes: description: '`scopes` defines the OAuth2 scopes used for the @@ -332,22 +391,24 @@ spec: - tokenUrl type: object prober: - description: Specification for the prober to use for probing targets. - The prober.URL parameter is required. Targets cannot be probed if - left empty. + description: |- + Specification for the prober to use for probing targets. + The prober.URL parameter is required. Targets cannot be probed if left empty. properties: path: default: /probe - description: Path to collect metrics from. Defaults to `/probe`. + description: |- + Path to collect metrics from. + Defaults to `/probe`. type: string proxyUrl: description: Optional ProxyURL. type: string scheme: - description: HTTP scheme to use for scraping. `http` and `https` - are the expected values unless you rewrite the `__scheme__` - label via relabeling. If empty, Prometheus uses the default - value `http`. + description: |- + HTTP scheme to use for scraping. + `http` and `https` are the expected values unless you rewrite the `__scheme__` label via relabeling. + If empty, Prometheus uses the default value `http`. enum: - http - https @@ -368,15 +429,23 @@ spec: minLength: 1 type: string scrapeProtocols: - description: "`scrapeProtocols` defines the protocols to negotiate - during a scrape. It tells clients the protocols supported by Prometheus - in order of preference (from most to least preferred). \n If unset, - Prometheus uses its default value. \n It requires Prometheus >= - v2.49.0." + description: |- + `scrapeProtocols` defines the protocols to negotiate during a scrape. It tells clients the + protocols supported by Prometheus in order of preference (from most to least preferred). + + + If unset, Prometheus uses its default value. + + + It requires Prometheus >= v2.49.0. items: - description: 'ScrapeProtocol represents a protocol used by Prometheus - for scraping metrics. Supported values are: * `OpenMetricsText0.0.1` - * `OpenMetricsText1.0.0` * `PrometheusProto` * `PrometheusText0.0.4`' + description: |- + ScrapeProtocol represents a protocol used by Prometheus for scraping metrics. + Supported values are: + * `OpenMetricsText0.0.1` + * `OpenMetricsText1.0.0` + * `PrometheusProto` + * `PrometheusText0.0.4` enum: - PrometheusProto - OpenMetricsText0.0.1 @@ -386,7 +455,8 @@ spec: type: array x-kubernetes-list-type: set scrapeTimeout: - description: Timeout for scraping metrics from the Prometheus exporter. + description: |- + Timeout for scraping metrics from the Prometheus exporter. If not specified, the Prometheus global scrape timeout is used. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string @@ -400,16 +470,18 @@ spec: targets to probe. properties: ingress: - description: ingress defines the Ingress objects to probe and - the relabeling configuration. If `staticConfig` is also defined, - `staticConfig` takes precedence. + description: |- + ingress defines the Ingress objects to probe and the relabeling + configuration. + If `staticConfig` is also defined, `staticConfig` takes precedence. properties: namespaceSelector: description: From which namespaces to select Ingress objects. properties: any: - description: Boolean describing whether all namespaces - are selected in contrast to a list restricting them. + description: |- + Boolean describing whether all namespaces are selected in contrast to a + list restricting them. type: boolean matchNames: description: List of namespace names to select from. @@ -418,23 +490,33 @@ spec: type: array type: object relabelingConfigs: - description: 'RelabelConfigs to apply to the label set of - the target before it gets scraped. The original ingress - address is available via the `__tmp_prometheus_ingress_address` - label. It can be used to customize the probed URL. The original - scrape job''s name is available via the `__tmp_prometheus_job_name` - label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + description: |- + RelabelConfigs to apply to the label set of the target before it gets + scraped. + The original ingress address is available via the + `__tmp_prometheus_ingress_address` label. It can be used to customize the + probed URL. + The original scrape job's name is available via the `__tmp_prometheus_job_name` label. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config items: - description: "RelabelConfig allows dynamic rewriting of - the label set for targets, alerts, scraped samples and - remote write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + description: |- + RelabelConfig allows dynamic rewriting of the label set for targets, alerts, + scraped samples and remote write samples. + + + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config properties: action: default: replace - description: "Action to perform based on the regex matching. - \n `Uppercase` and `Lowercase` actions require Prometheus - >= v2.36.0. `DropEqual` and `KeepEqual` actions require - Prometheus >= v2.41.0. \n Default: \"Replace\"" + description: |- + Action to perform based on the regex matching. + + + `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. + `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. + + + Default: "Replace" enum: - replace - Replace @@ -460,9 +542,11 @@ spec: - DropEqual type: string modulus: - description: "Modulus to take of the hash of the source - label values. \n Only applicable when the action is - `HashMod`." + description: |- + Modulus to take of the hash of the source label values. + + + Only applicable when the action is `HashMod`. format: int64 type: integer regex: @@ -470,31 +554,39 @@ spec: value is matched. type: string replacement: - description: "Replacement value against which a Replace - action is performed if the regular expression matches. - \n Regex capture groups are available." + description: |- + Replacement value against which a Replace action is performed if the + regular expression matches. + + + Regex capture groups are available. type: string separator: description: Separator is the string between concatenated SourceLabels. type: string sourceLabels: - description: The source labels select values from existing - labels. Their content is concatenated using the configured - Separator and matched against the configured regular - expression. + description: |- + The source labels select values from existing labels. Their content is + concatenated using the configured Separator and matched against the + configured regular expression. items: - description: LabelName is a valid Prometheus label - name which may only contain ASCII letters, numbers, - as well as underscores. + description: |- + LabelName is a valid Prometheus label name which may only contain ASCII + letters, numbers, as well as underscores. pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ type: string type: array targetLabel: - description: "Label to which the resulting string is - written in a replacement. \n It is mandatory for `Replace`, - `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and - `DropEqual` actions. \n Regex capture groups are available." + description: |- + Label to which the resulting string is written in a replacement. + + + It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, + `KeepEqual` and `DropEqual` actions. + + + Regex capture groups are available. type: string type: object type: array @@ -505,8 +597,8 @@ spec: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: @@ -514,17 +606,16 @@ spec: applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. - If the operator is In or NotIn, the values array - must be non-empty. If the operator is Exists or - DoesNotExist, the values array must be empty. - This array is replaced during a strategic merge - patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -536,19 +627,20 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic type: object staticConfig: - description: 'staticConfig defines the static list of targets - to probe and the relabeling configuration. If `ingress` is also - defined, `staticConfig` takes precedence. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#static_config.' + description: |- + staticConfig defines the static list of targets to probe and the + relabeling configuration. + If `ingress` is also defined, `staticConfig` takes precedence. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#static_config. properties: labels: additionalProperties: @@ -557,19 +649,29 @@ spec: targets. type: object relabelingConfigs: - description: 'RelabelConfigs to apply to the label set of - the targets before it gets scraped. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + description: |- + RelabelConfigs to apply to the label set of the targets before it gets + scraped. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config items: - description: "RelabelConfig allows dynamic rewriting of - the label set for targets, alerts, scraped samples and - remote write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + description: |- + RelabelConfig allows dynamic rewriting of the label set for targets, alerts, + scraped samples and remote write samples. + + + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config properties: action: default: replace - description: "Action to perform based on the regex matching. - \n `Uppercase` and `Lowercase` actions require Prometheus - >= v2.36.0. `DropEqual` and `KeepEqual` actions require - Prometheus >= v2.41.0. \n Default: \"Replace\"" + description: |- + Action to perform based on the regex matching. + + + `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. + `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. + + + Default: "Replace" enum: - replace - Replace @@ -595,9 +697,11 @@ spec: - DropEqual type: string modulus: - description: "Modulus to take of the hash of the source - label values. \n Only applicable when the action is - `HashMod`." + description: |- + Modulus to take of the hash of the source label values. + + + Only applicable when the action is `HashMod`. format: int64 type: integer regex: @@ -605,31 +709,39 @@ spec: value is matched. type: string replacement: - description: "Replacement value against which a Replace - action is performed if the regular expression matches. - \n Regex capture groups are available." + description: |- + Replacement value against which a Replace action is performed if the + regular expression matches. + + + Regex capture groups are available. type: string separator: description: Separator is the string between concatenated SourceLabels. type: string sourceLabels: - description: The source labels select values from existing - labels. Their content is concatenated using the configured - Separator and matched against the configured regular - expression. + description: |- + The source labels select values from existing labels. Their content is + concatenated using the configured Separator and matched against the + configured regular expression. items: - description: LabelName is a valid Prometheus label - name which may only contain ASCII letters, numbers, - as well as underscores. + description: |- + LabelName is a valid Prometheus label name which may only contain ASCII + letters, numbers, as well as underscores. pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ type: string type: array targetLabel: - description: "Label to which the resulting string is - written in a replacement. \n It is mandatory for `Replace`, - `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and - `DropEqual` actions. \n Regex capture groups are available." + description: |- + Label to which the resulting string is written in a replacement. + + + It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, + `KeepEqual` and `DropEqual` actions. + + + Regex capture groups are available. type: string type: object type: array @@ -654,8 +766,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its key @@ -673,8 +787,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -695,8 +811,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its key @@ -714,8 +832,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -737,8 +857,10 @@ spec: a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be diff --git a/bitnami/kube-prometheus/crds/crd-prometheusagents.yaml b/bitnami/kube-prometheus/crds/crd-prometheusagents.yaml index df214da550914b..bc1468e1714e2d 100644 --- a/bitnami/kube-prometheus/crds/crd-prometheusagents.yaml +++ b/bitnami/kube-prometheus/crds/crd-prometheusagents.yaml @@ -1,12 +1,12 @@ # Source: https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v{version}/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml -# Version: 0.73.2 +# Version: 0.74.0 --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - operator.prometheus.io/version: 0.73.2 + controller-gen.kubebuilder.io/version: v0.14.0 + operator.prometheus.io/version: 0.74.0 name: prometheusagents.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -54,31 +54,41 @@ spec: description: PrometheusAgent defines a Prometheus agent deployment. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: 'Specification of the desired behavior of the Prometheus - agent. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + description: |- + Specification of the desired behavior of the Prometheus agent. More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: additionalArgs: - description: "AdditionalArgs allows setting additional arguments for - the 'prometheus' container. \n It is intended for e.g. activating - hidden flags which are not supported by the dedicated configuration - options yet. The arguments are passed as-is to the Prometheus container - which may cause issues if they are invalid or not supported by the - given Prometheus version. \n In case of an argument conflict (e.g. - an argument which is already set by the operator itself) or when - providing an invalid argument, the reconciliation will fail and - an error will be logged." + description: |- + AdditionalArgs allows setting additional arguments for the 'prometheus' container. + + + It is intended for e.g. activating hidden flags which are not supported by + the dedicated configuration options yet. The arguments are passed as-is to the + Prometheus container which may cause issues if they are invalid or not supported + by the given Prometheus version. + + + In case of an argument conflict (e.g. an argument which is already set by the + operator itself) or when providing an invalid argument, the reconciliation will + fail and an error will be logged. items: description: Argument as part of the AdditionalArgs list. properties: @@ -95,25 +105,28 @@ spec: type: object type: array additionalScrapeConfigs: - description: 'AdditionalScrapeConfigs allows specifying a key of a - Secret containing additional Prometheus scrape configurations. Scrape - configurations specified are appended to the configurations generated - by the Prometheus Operator. Job configurations specified must have - the form as specified in the official Prometheus documentation: + description: |- + AdditionalScrapeConfigs allows specifying a key of a Secret containing + additional Prometheus scrape configurations. Scrape configurations + specified are appended to the configurations generated by the Prometheus + Operator. Job configurations specified must have the form as specified + in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. - As scrape configs are appended, the user is responsible to make - sure it is valid. Note that using this feature may expose the possibility - to break upgrades of Prometheus. It is advised to review Prometheus - release notes to ensure that no incompatible scrape configs are - going to break Prometheus after the upgrade.' + As scrape configs are appended, the user is responsible to make sure it + is valid. Note that using this feature may expose the possibility to + break upgrades of Prometheus. It is advised to review Prometheus release + notes to ensure that no incompatible scrape configs are going to break + Prometheus after the upgrade. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must be defined @@ -130,22 +143,20 @@ spec: pod. properties: preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the affinity expressions specified by - this field, but it may choose a node that violates one or - more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node matches - the corresponding matchExpressions; the node(s) with the - highest sum are the most preferred. + description: |- + The scheduler will prefer to schedule pods to nodes that satisfy + the affinity expressions specified by this field, but it may choose + a node that violates one or more of the expressions. The node that is + most preferred is the one with the greatest sum of weights, i.e. + for each node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, etc.), + compute a sum by iterating through the elements of this field and adding + "weight" to the sum if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. items: - description: An empty preferred scheduling term matches - all objects with implicit weight 0 (i.e. it's a no-op). - A null preferred scheduling term matches no objects (i.e. - is also a no-op). + description: |- + An empty preferred scheduling term matches all objects with implicit weight 0 + (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). properties: preference: description: A node selector term, associated with the @@ -155,30 +166,26 @@ spec: description: A list of node selector requirements by node's labels. items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. properties: key: description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. type: string values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. items: type: string type: array @@ -191,30 +198,26 @@ spec: description: A list of node selector requirements by node's fields. items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. properties: key: description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. type: string values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. items: type: string type: array @@ -236,50 +239,46 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this - field are not met at scheduling time, the pod will not be - scheduled onto the node. If the affinity requirements specified - by this field cease to be met at some point during pod execution - (e.g. due to an update), the system may or may not try to - eventually evict the pod from its node. + description: |- + If the affinity requirements specified by this field are not met at + scheduling time, the pod will not be scheduled onto the node. + If the affinity requirements specified by this field cease to be met + at some point during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from its node. properties: nodeSelectorTerms: description: Required. A list of node selector terms. The terms are ORed. items: - description: A null or empty node selector term matches - no objects. The requirements of them are ANDed. The - TopologySelectorTerm type implements a subset of the - NodeSelectorTerm. + description: |- + A null or empty node selector term matches no objects. The requirements of + them are ANDed. + The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. properties: matchExpressions: description: A list of node selector requirements by node's labels. items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. properties: key: description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. type: string values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. items: type: string type: array @@ -292,30 +291,26 @@ spec: description: A list of node selector requirements by node's fields. items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + description: |- + A node selector requirement is a selector that contains values, a key, and an operator + that relates the key and values. properties: key: description: The label key that the selector applies to. type: string operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. + description: |- + Represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. type: string values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. + description: |- + An array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. If the operator is Gt or Lt, the values + array must have a single element, which will be interpreted as an integer. + This array is replaced during a strategic merge patch. items: type: string type: array @@ -337,16 +332,15 @@ spec: this pod in the same node, zone, etc. as some other pod(s)). properties: preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the affinity expressions specified by - this field, but it may choose a node that violates one or - more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node has - pods which matches the corresponding podAffinityTerm; the + description: |- + The scheduler will prefer to schedule pods to nodes that satisfy + the affinity expressions specified by this field, but it may choose + a node that violates one or more of the expressions. The node that is + most preferred is the one with the greatest sum of weights, i.e. + for each node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, etc.), + compute a sum by iterating through the elements of this field and adding + "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. items: description: The weights of all of the matched WeightedPodAffinityTerm @@ -357,37 +351,33 @@ spec: with the corresponding weight. properties: labelSelector: - description: A label query over a set of resources, - in this case pods. If it's null, this PodAffinityTerm - matches with no Pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string @@ -400,89 +390,74 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label - keys to select which pods will be taken into consideration. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are merged - with `LabelSelector` as `key in (value)` to select - the group of existing pods which pods will be - taken into consideration for the incoming pod's - pod (anti) affinity. Keys that don't exist in - the incoming pod labels will be ignored. The default - value is empty. The same key is forbidden to exist - in both MatchLabelKeys and LabelSelector. Also, - MatchLabelKeys cannot be set when LabelSelector - isn't set. This is an alpha field and requires - enabling MatchLabelKeysInPodAffinity feature gate. + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label - keys to select which pods will be taken into consideration. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are merged - with `LabelSelector` as `key notin (value)` to - select the group of existing pods which pods will - be taken into consideration for the incoming pod's - pod (anti) affinity. Keys that don't exist in - the incoming pod labels will be ignored. The default - value is empty. The same key is forbidden to exist - in both MismatchLabelKeys and LabelSelector. Also, - MismatchLabelKeys cannot be set when LabelSelector - isn't set. This is an alpha field and requires - enabling MatchLabelKeysInPodAffinity feature gate. + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string @@ -495,40 +470,37 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. + Empty topologyKey is not allowed. type: string required: - topologyKey type: object weight: - description: weight associated with matching the corresponding - podAffinityTerm, in the range 1-100. + description: |- + weight associated with matching the corresponding podAffinityTerm, + in the range 1-100. format: int32 type: integer required: @@ -537,53 +509,51 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this - field are not met at scheduling time, the pod will not be - scheduled onto the node. If the affinity requirements specified - by this field cease to be met at some point during pod execution - (e.g. due to a pod label update), the system may or may - not try to eventually evict the pod from its node. When - there are multiple elements, the lists of nodes corresponding - to each podAffinityTerm are intersected, i.e. all terms - must be satisfied. + description: |- + If the affinity requirements specified by this field are not met at + scheduling time, the pod will not be scheduled onto the node. + If the affinity requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod label update), the + system may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding to each + podAffinityTerm are intersected, i.e. all terms must be satisfied. items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not co-located - (anti-affinity) with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which a pod of the set of - pods is running + description: |- + Defines a set of pods (namely those matching the labelSelector + relative to the given namespace(s)) that this pod should be + co-located (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node whose value of + the label with key matches that of any node on which + a pod of the set of pods is running properties: labelSelector: - description: A label query over a set of resources, - in this case pods. If it's null, this PodAffinityTerm - matches with no Pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -595,84 +565,74 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys - to select which pods will be taken into consideration. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are merged with - `LabelSelector` as `key in (value)` to select the - group of existing pods which pods will be taken into - consideration for the incoming pod's pod (anti) affinity. - Keys that don't exist in the incoming pod labels will - be ignored. The default value is empty. The same key - is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector - isn't set. This is an alpha field and requires enabling - MatchLabelKeysInPodAffinity feature gate. + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label - keys to select which pods will be taken into consideration. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are merged with - `LabelSelector` as `key notin (value)` to select the - group of existing pods which pods will be taken into - consideration for the incoming pod's pod (anti) affinity. - Keys that don't exist in the incoming pod labels will - be ignored. The default value is empty. The same key - is forbidden to exist in both MismatchLabelKeys and - LabelSelector. Also, MismatchLabelKeys cannot be set - when LabelSelector isn't set. This is an alpha field - and requires enabling MatchLabelKeysInPodAffinity - feature gate. + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied to the - union of the namespaces selected by this field and - the ones listed in the namespaces field. null selector - and null or empty namespaces list means "this pod's - namespace". An empty selector ({}) matches all namespaces. + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -684,32 +644,28 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace - names that the term applies to. The term is applied - to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. null or - empty namespaces list and null namespaceSelector means - "this pod's namespace". + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where - co-located is defined as running on a node whose value - of the label with key topologyKey matches that of - any node on which any of the selected pods is running. + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. Empty topologyKey is not allowed. type: string required: @@ -723,16 +679,15 @@ spec: other pod(s)). properties: preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the anti-affinity expressions specified - by this field, but it may choose a node that violates one - or more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling anti-affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node has - pods which matches the corresponding podAffinityTerm; the + description: |- + The scheduler will prefer to schedule pods to nodes that satisfy + the anti-affinity expressions specified by this field, but it may choose + a node that violates one or more of the expressions. The node that is + most preferred is the one with the greatest sum of weights, i.e. + for each node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field and adding + "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. items: description: The weights of all of the matched WeightedPodAffinityTerm @@ -743,37 +698,33 @@ spec: with the corresponding weight. properties: labelSelector: - description: A label query over a set of resources, - in this case pods. If it's null, this PodAffinityTerm - matches with no Pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string @@ -786,89 +737,74 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label - keys to select which pods will be taken into consideration. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are merged - with `LabelSelector` as `key in (value)` to select - the group of existing pods which pods will be - taken into consideration for the incoming pod's - pod (anti) affinity. Keys that don't exist in - the incoming pod labels will be ignored. The default - value is empty. The same key is forbidden to exist - in both MatchLabelKeys and LabelSelector. Also, - MatchLabelKeys cannot be set when LabelSelector - isn't set. This is an alpha field and requires - enabling MatchLabelKeysInPodAffinity feature gate. + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label - keys to select which pods will be taken into consideration. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are merged - with `LabelSelector` as `key notin (value)` to - select the group of existing pods which pods will - be taken into consideration for the incoming pod's - pod (anti) affinity. Keys that don't exist in - the incoming pod labels will be ignored. The default - value is empty. The same key is forbidden to exist - in both MismatchLabelKeys and LabelSelector. Also, - MismatchLabelKeys cannot be set when LabelSelector - isn't set. This is an alpha field and requires - enabling MatchLabelKeysInPodAffinity feature gate. + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic merge patch. items: type: string @@ -881,40 +817,37 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. + Empty topologyKey is not allowed. type: string required: - topologyKey type: object weight: - description: weight associated with matching the corresponding - podAffinityTerm, in the range 1-100. + description: |- + weight associated with matching the corresponding podAffinityTerm, + in the range 1-100. format: int32 type: integer required: @@ -923,53 +856,51 @@ spec: type: object type: array requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified by - this field are not met at scheduling time, the pod will - not be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during - pod execution (e.g. due to a pod label update), the system - may or may not try to eventually evict the pod from its - node. When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, i.e. - all terms must be satisfied. + description: |- + If the anti-affinity requirements specified by this field are not met at + scheduling time, the pod will not be scheduled onto the node. + If the anti-affinity requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod label update), the + system may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding to each + podAffinityTerm are intersected, i.e. all terms must be satisfied. items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not co-located - (anti-affinity) with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which a pod of the set of - pods is running + description: |- + Defines a set of pods (namely those matching the labelSelector + relative to the given namespace(s)) that this pod should be + co-located (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node whose value of + the label with key matches that of any node on which + a pod of the set of pods is running properties: labelSelector: - description: A label query over a set of resources, - in this case pods. If it's null, this PodAffinityTerm - matches with no Pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -981,84 +912,74 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: MatchLabelKeys is a set of pod label keys - to select which pods will be taken into consideration. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are merged with - `LabelSelector` as `key in (value)` to select the - group of existing pods which pods will be taken into - consideration for the incoming pod's pod (anti) affinity. - Keys that don't exist in the incoming pod labels will - be ignored. The default value is empty. The same key - is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector - isn't set. This is an alpha field and requires enabling - MatchLabelKeysInPodAffinity feature gate. + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: MismatchLabelKeys is a set of pod label - keys to select which pods will be taken into consideration. - The keys are used to lookup values from the incoming - pod labels, those key-value labels are merged with - `LabelSelector` as `key notin (value)` to select the - group of existing pods which pods will be taken into - consideration for the incoming pod's pod (anti) affinity. - Keys that don't exist in the incoming pod labels will - be ignored. The default value is empty. The same key - is forbidden to exist in both MismatchLabelKeys and - LabelSelector. Also, MismatchLabelKeys cannot be set - when LabelSelector isn't set. This is an alpha field - and requires enabling MatchLabelKeysInPodAffinity - feature gate. + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied to the - union of the namespaces selected by this field and - the ones listed in the namespaces field. null selector - and null or empty namespaces list means "this pod's - namespace". An empty selector ({}) matches all namespaces. + description: |- + A label query over the set of namespaces that the term applies to. + The term is applied to the union of the namespaces selected by this field + and the ones listed in the namespaces field. + null selector and null or empty namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. items: type: string type: array @@ -1070,32 +991,28 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace - names that the term applies to. The term is applied - to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. null or - empty namespaces list and null namespaceSelector means - "this pod's namespace". + description: |- + namespaces specifies a static list of namespace names that the term applies to. + The term is applied to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector means "this pod's namespace". items: type: string type: array topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where - co-located is defined as running on a node whose value - of the label with key topologyKey matches that of - any node on which any of the selected pods is running. + description: |- + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where co-located is defined as running on a node + whose value of the label with key topologyKey matches that of any node on which any of the + selected pods is running. Empty topologyKey is not allowed. type: string required: @@ -1105,14 +1022,20 @@ spec: type: object type: object apiserverConfig: - description: 'APIServerConfig allows specifying a host and auth methods - to access the Kuberntees API server. If null, Prometheus is assumed - to run inside of the cluster: it will discover the API servers automatically - and use the Pod''s CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.' + description: |- + APIServerConfig allows specifying a host and auth methods to access the + Kuberntees API server. + If null, Prometheus is assumed to run inside of the cluster: it will + discover the API servers automatically and use the Pod's CA certificate + and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. properties: authorization: - description: "Authorization section for the API server. \n Cannot - be set at the same time as `basicAuth`, `bearerToken`, or `bearerTokenFile`." + description: |- + Authorization section for the API server. + + + Cannot be set at the same time as `basicAuth`, `bearerToken`, or + `bearerTokenFile`. properties: credentials: description: Selects a key of a Secret in the namespace that @@ -1123,8 +1046,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -1139,27 +1064,38 @@ spec: with `credentials`. type: string type: - description: "Defines the authentication type. The value is - case-insensitive. \n \"Basic\" is not a supported value. - \n Default: \"Bearer\"" + description: |- + Defines the authentication type. The value is case-insensitive. + + + "Basic" is not a supported value. + + + Default: "Bearer" type: string type: object basicAuth: - description: "BasicAuth configuration for the API server. \n Cannot - be set at the same time as `authorization`, `bearerToken`, or - `bearerTokenFile`." + description: |- + BasicAuth configuration for the API server. + + + Cannot be set at the same time as `authorization`, `bearerToken`, or + `bearerTokenFile`. properties: password: - description: '`password` specifies a key of a Secret containing - the password for authentication.' + description: |- + `password` specifies a key of a Secret containing the password for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -1170,16 +1106,19 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: '`username` specifies a key of a Secret containing - the username for authentication.' + description: |- + `username` specifies a key of a Secret containing the username for + authentication. properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -1191,19 +1130,27 @@ spec: x-kubernetes-map-type: atomic type: object bearerToken: - description: "*Warning: this field shouldn't be used because the - token value appears in clear-text. Prefer using `authorization`.* - \n Deprecated: this will be removed in a future release." + description: |- + *Warning: this field shouldn't be used because the token value appears + in clear-text. Prefer using `authorization`.* + + + Deprecated: this will be removed in a future release. type: string bearerTokenFile: - description: "File to read bearer token for accessing apiserver. - \n Cannot be set at the same time as `basicAuth`, `authorization`, - or `bearerToken`. \n Deprecated: this will be removed in a future - release. Prefer using `authorization`." + description: |- + File to read bearer token for accessing apiserver. + + + Cannot be set at the same time as `basicAuth`, `authorization`, or `bearerToken`. + + + Deprecated: this will be removed in a future release. Prefer using `authorization`. type: string host: - description: Kubernetes API address consisting of a hostname or - IP address followed by an optional port number. + description: |- + Kubernetes API address consisting of a hostname or IP address followed + by an optional port number. type: string tlsConfig: description: TLS Config to use for the API server. @@ -1220,9 +1167,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -1240,9 +1188,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -1268,9 +1217,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -1288,9 +1238,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -1321,8 +1272,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -1340,77 +1293,97 @@ spec: - host type: object arbitraryFSAccessThroughSMs: - description: When true, ServiceMonitor, PodMonitor and Probe object - are forbidden to reference arbitrary files on the file system of - the 'prometheus' container. When a ServiceMonitor's endpoint specifies - a `bearerTokenFile` value (e.g. '/var/run/secrets/kubernetes.io/serviceaccount/token'), - a malicious target can get access to the Prometheus service account's - token in the Prometheus' scrape request. Setting `spec.arbitraryFSAccessThroughSM` - to 'true' would prevent the attack. Users should instead provide - the credentials using the `spec.bearerTokenSecret` field. + description: |- + When true, ServiceMonitor, PodMonitor and Probe object are forbidden to + reference arbitrary files on the file system of the 'prometheus' + container. + When a ServiceMonitor's endpoint specifies a `bearerTokenFile` value + (e.g. '/var/run/secrets/kubernetes.io/serviceaccount/token'), a + malicious target can get access to the Prometheus service account's + token in the Prometheus' scrape request. Setting + `spec.arbitraryFSAccessThroughSM` to 'true' would prevent the attack. + Users should instead provide the credentials using the + `spec.bearerTokenSecret` field. properties: deny: type: boolean type: object + automountServiceAccountToken: + description: |- + AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod. + If the field isn't set, the operator mounts the service account token by default. + + + **Warning:** be aware that by default, Prometheus requires the service account token for Kubernetes service discovery. + It is possible to use strategic merge patch to project the service account token into the 'prometheus' container. + type: boolean bodySizeLimit: - description: BodySizeLimit defines per-scrape on response body size. + description: |- + BodySizeLimit defines per-scrape on response body size. Only valid in Prometheus versions 2.45.0 and newer. pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$ type: string configMaps: - description: ConfigMaps is a list of ConfigMaps in the same namespace - as the Prometheus object, which shall be mounted into the Prometheus - Pods. Each ConfigMap is added to the StatefulSet definition as a - volume named `configmap-`. The ConfigMaps are mounted - into /etc/prometheus/configmaps/ in the 'prometheus' - container. + description: |- + ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus + object, which shall be mounted into the Prometheus Pods. + Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-`. + The ConfigMaps are mounted into /etc/prometheus/configmaps/ in the 'prometheus' container. items: type: string type: array containers: - description: "Containers allows injecting additional containers or - modifying operator generated containers. This can be used to allow - adding an authentication proxy to the Pods or to change the behavior - of an operator generated container. Containers described here modify - an operator generated container if they share the same name and - modifications are done via a strategic merge patch. \n The names - of containers managed by the operator are: * `prometheus` * `config-reloader` - * `thanos-sidecar` \n Overriding containers is entirely outside - the scope of what the maintainers will support and by doing so, - you accept that this behaviour may break at any time without notice." + description: |- + Containers allows injecting additional containers or modifying operator + generated containers. This can be used to allow adding an authentication + proxy to the Pods or to change the behavior of an operator generated + container. Containers described here modify an operator generated + container if they share the same name and modifications are done via a + strategic merge patch. + + + The names of containers managed by the operator are: + * `prometheus` + * `config-reloader` + * `thanos-sidecar` + + + Overriding containers is entirely outside the scope of what the + maintainers will support and by doing so, you accept that this behaviour + may break at any time without notice. items: description: A single application container that you want to run within a pod. properties: args: - description: 'Arguments to the entrypoint. The container image''s - CMD is used if this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If a variable - cannot be resolved, the reference in the input string will - be unchanged. Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - produce the string literal "$(VAR_NAME)". Escaped references - will never be expanded, regardless of whether the variable - exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: |- + Arguments to the entrypoint. + The container image's CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell items: type: string type: array command: - description: 'Entrypoint array. Not executed within a shell. - The container image''s ENTRYPOINT is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the reference - in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: - i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether - the variable exists or not. Cannot be updated. More info: - https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: |- + Entrypoint array. Not executed within a shell. + The container image's ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell items: type: string type: array env: - description: List of environment variables to set in the container. + description: |- + List of environment variables to set in the container. Cannot be updated. items: description: EnvVar represents an environment variable present @@ -1421,16 +1394,16 @@ spec: a C_IDENTIFIER. type: string value: - description: 'Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in - the container and any service environment variables. - If a variable cannot be resolved, the reference in the - input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) - syntax: i.e. "$$(VAR_NAME)" will produce the string - literal "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable exists - or not. Defaults to "".' + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". type: string valueFrom: description: Source for the environment variable's value. @@ -1443,10 +1416,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or @@ -1457,11 +1430,9 @@ spec: type: object x-kubernetes-map-type: atomic fieldRef: - description: 'Selects a field of the pod: supports - metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: description: Version of the schema the FieldPath @@ -1476,11 +1447,9 @@ spec: type: object x-kubernetes-map-type: atomic resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: description: 'Container name: required for volumes, @@ -1510,10 +1479,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -1529,13 +1498,13 @@ spec: type: object type: array envFrom: - description: List of sources to populate environment variables - in the container. The keys defined within a source must be - a C_IDENTIFIER. All invalid keys will be reported as an event - when the container is starting. When a key exists in multiple - sources, the value associated with the last source will take - precedence. Values defined by an Env with a duplicate key - will take precedence. Cannot be updated. + description: |- + List of sources to populate environment variables in the container. + The keys defined within a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will take precedence. + Cannot be updated. items: description: EnvFromSource represents the source of a set of ConfigMaps @@ -1544,9 +1513,10 @@ spec: description: The ConfigMap to select from properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be @@ -1562,9 +1532,10 @@ spec: description: The Secret to select from properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -1574,40 +1545,42 @@ spec: type: object type: array image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management - to default or override container images in workload controllers - like Deployments and StatefulSets.' + description: |- + Container image name. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. type: string imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images type: string lifecycle: - description: Actions that the management system should take - in response to container lifecycle events. Cannot be updated. + description: |- + Actions that the management system should take in response to container lifecycle events. + Cannot be updated. properties: postStart: - description: 'PostStart is called immediately after a container - is created. If the handler fails, the container is terminated - and restarted according to its restart policy. Other management - of the container blocks until the hook completes. More - info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: |- + PostStart is called immediately after a container is created. If the handler fails, + the container is terminated and restarted according to its restart policy. + Other management of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array @@ -1616,9 +1589,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. @@ -1628,9 +1601,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -1647,13 +1620,15 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port @@ -1671,10 +1646,10 @@ spec: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward compatibility. - There are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler is specified. + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: description: 'Optional: Host name to connect to, @@ -1684,40 +1659,37 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object type: object preStop: - description: 'PreStop is called immediately before a container - is terminated due to an API request or management event - such as liveness/startup probe failure, preemption, resource - contention, etc. The handler is not called if the container - crashes or exits. The Pod''s termination grace period - countdown begins before the PreStop hook is executed. - Regardless of the outcome of the handler, the container - will eventually terminate within the Pod''s termination - grace period (unless delayed by finalizers). Other management - of the container blocks until the hook completes or until - the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: |- + PreStop is called immediately before a container is terminated due to an + API request or management event such as liveness/startup probe failure, + preemption, resource contention, etc. The handler is not called if the + container crashes or exits. The Pod's termination grace period countdown begins before the + PreStop hook is executed. Regardless of the outcome of the handler, the + container will eventually terminate within the Pod's termination grace + period (unless delayed by finalizers). Other management of the container blocks until the hook completes + or until the termination grace period is reached. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array @@ -1726,9 +1698,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. @@ -1738,9 +1710,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -1757,13 +1729,15 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port @@ -1781,10 +1755,10 @@ spec: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward compatibility. - There are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler is specified. + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: description: 'Optional: Host name to connect to, @@ -1794,9 +1768,10 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port @@ -1804,30 +1779,30 @@ spec: type: object type: object livenessProbe: - description: 'Periodic probe of container liveness. Container - will be restarted if the probe fails. Cannot be updated. More - info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Periodic probe of container liveness. + Container will be restarted if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -1839,10 +1814,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -1851,9 +1828,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. HTTP @@ -1863,9 +1840,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -1882,33 +1859,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the host. + description: |- + Scheme to use for connecting to the host. Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the probe. + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -1923,78 +1902,82 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object name: - description: Name of the container specified as a DNS_LABEL. + description: |- + Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. type: string ports: - description: List of ports to expose from the container. Not - specifying a port here DOES NOT prevent that port from being - exposed. Any port which is listening on the default "0.0.0.0" - address inside a container will be accessible from the network. - Modifying this array with strategic merge patch may corrupt - the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + description: |- + List of ports to expose from the container. Not specifying a port here + DOES NOT prevent that port from being exposed. Any port which is + listening on the default "0.0.0.0" address inside a container will be + accessible from the network. + Modifying this array with strategic merge patch may corrupt the data. + For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. items: description: ContainerPort represents a network port in a single container. properties: containerPort: - description: Number of port to expose on the pod's IP - address. This must be a valid port number, 0 < x < 65536. + description: |- + Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. format: int32 type: integer hostIP: description: What host IP to bind the external port to. type: string hostPort: - description: Number of port to expose on the host. If - specified, this must be a valid port number, 0 < x < - 65536. If HostNetwork is specified, this must match - ContainerPort. Most containers do not need this. + description: |- + Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. + Most containers do not need this. format: int32 type: integer name: - description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in a pod - must have a unique name. Name for the port that can - be referred to by services. + description: |- + If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + named port in a pod must have a unique name. Name for the port that can be + referred to by services. type: string protocol: default: TCP - description: Protocol for port. Must be UDP, TCP, or SCTP. + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". type: string required: @@ -2006,30 +1989,30 @@ spec: - protocol x-kubernetes-list-type: map readinessProbe: - description: 'Periodic probe of container service readiness. - Container will be removed from service endpoints if the probe - fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -2041,10 +2024,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -2053,9 +2038,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. HTTP @@ -2065,9 +2050,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -2084,33 +2069,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the host. + description: |- + Scheme to use for connecting to the host. Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the probe. + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -2125,34 +2112,33 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object @@ -2163,12 +2149,14 @@ spec: policy for the container. properties: resourceName: - description: 'Name of the resource to which this resource - resize policy applies. Supported values: cpu, memory.' + description: |- + Name of the resource to which this resource resize policy applies. + Supported values: cpu, memory. type: string restartPolicy: - description: Restart policy to apply when specified resource - is resized. If not specified, it defaults to NotRequired. + description: |- + Restart policy to apply when specified resource is resized. + If not specified, it defaults to NotRequired. type: string required: - resourceName @@ -2177,22 +2165,29 @@ spec: type: array x-kubernetes-list-type: atomic resources: - description: 'Compute Resources required by this container. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Compute Resources required by this container. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only - be set for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available inside a container. type: string required: @@ -2209,8 +2204,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -2219,52 +2215,52 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests - cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object restartPolicy: - description: 'RestartPolicy defines the restart behavior of - individual containers in a pod. This field may only be set - for init containers, and the only allowed value is "Always". + description: |- + RestartPolicy defines the restart behavior of individual containers in a pod. + This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, - the restart behavior is defined by the Pod''s restart policy - and the container type. Setting the RestartPolicy as "Always" - for the init container will have the following effect: this - init container will be continually restarted on exit until - all regular containers have terminated. Once all regular containers - have completed, all init containers with restartPolicy "Always" - will be shut down. This lifecycle differs from normal init - containers and is often referred to as a "sidecar" container. - Although this init container still starts in the init container - sequence, it does not wait for the container to complete before - proceeding to the next init container. Instead, the next init - container starts immediately after this init container is - started, or after any startupProbe has successfully completed.' + the restart behavior is defined by the Pod's restart policy and the container type. + Setting the RestartPolicy as "Always" for the init container will have the following effect: + this init container will be continually restarted on + exit until all regular containers have terminated. Once all regular + containers have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init containers and + is often referred to as a "sidecar" container. Although this init + container still starts in the init container sequence, it does not wait + for the container to complete before proceeding to the next init + container. Instead, the next init container starts immediately after this + init container is started, or after any startupProbe has successfully + completed. type: string securityContext: - description: 'SecurityContext defines the security options the - container should be run with. If set, the fields of SecurityContext - override the equivalent fields of PodSecurityContext. More - info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + description: |- + SecurityContext defines the security options the container should be run with. + If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ properties: allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether - a process can gain more privileges than its parent process. - This bool directly controls if the no_new_privs flag will - be set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run as Privileged - 2) has CAP_SYS_ADMIN Note that this field cannot be set - when spec.os.name is windows.' + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. type: boolean capabilities: - description: The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by - the container runtime. Note that this field cannot be - set when spec.os.name is windows. + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. properties: add: description: Added capabilities @@ -2282,60 +2278,60 @@ spec: type: array type: object privileged: - description: Run container in privileged mode. Processes - in privileged containers are essentially equivalent to - root on the host. Defaults to false. Note that this field - cannot be set when spec.os.name is windows. + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. type: boolean procMount: - description: procMount denotes the type of proc mount to - use for the containers. The default is DefaultProcMount - which uses the container runtime defaults for readonly - paths and masked paths. This requires the ProcMountType - feature flag to be enabled. Note that this field cannot - be set when spec.os.name is windows. + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. type: string readOnlyRootFilesystem: - description: Whether this container has a read-only root - filesystem. Default is false. Note that this field cannot - be set when spec.os.name is windows. + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. type: boolean runAsGroup: - description: The GID to run the entrypoint of the container - process. Uses runtime default if unset. May also be set - in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set when - spec.os.name is windows. + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer runAsNonRoot: - description: Indicates that the container must run as a - non-root user. If true, the Kubelet will validate the - image at runtime to ensure that it does not run as UID - 0 (root) and fail to start the container if it does. If - unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both - SecurityContext and PodSecurityContext, the value specified - in SecurityContext takes precedence. + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. type: boolean runAsUser: - description: The UID to run the entrypoint of the container - process. Defaults to user specified in image metadata - if unspecified. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. Note - that this field cannot be set when spec.os.name is windows. + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer seLinuxOptions: - description: The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a - random SELinux context for each container. May also be - set in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set when - spec.os.name is windows. + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. properties: level: description: Level is SELinux level label that applies @@ -2355,98 +2351,93 @@ spec: type: string type: object seccompProfile: - description: The seccomp options to use by this container. - If seccomp options are provided at both the pod & container - level, the container options override the pod options. - Note that this field cannot be set when spec.os.name is - windows. + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. properties: localhostProfile: - description: localhostProfile indicates a profile defined - in a file on the node should be used. The profile - must be preconfigured on the node to work. Must be - a descending path, relative to the kubelet's configured - seccomp profile location. Must be set if type is "Localhost". - Must NOT be set for any other type. + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. type: string type: - description: "type indicates which kind of seccomp profile - will be applied. Valid options are: \n Localhost - - a profile defined in a file on the node should be - used. RuntimeDefault - the container runtime default - profile should be used. Unconfined - no profile should - be applied." + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. type: string required: - type type: object windowsOptions: - description: The Windows specific settings applied to all - containers. If unspecified, the options from the PodSecurityContext - will be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is - linux. + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. properties: gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named - by the GMSACredentialSpecName field. + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. type: string gmsaCredentialSpecName: description: GMSACredentialSpecName is the name of the GMSA credential spec to use. type: string hostProcess: - description: HostProcess determines if a container should - be run as a 'Host Process' container. All of a Pod's - containers must have the same effective HostProcess - value (it is not allowed to have a mix of HostProcess - containers and non-HostProcess containers). In addition, - if HostProcess is true then HostNetwork must also - be set to true. + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. type: boolean runAsUserName: - description: The UserName in Windows to run the entrypoint - of the container process. Defaults to the user specified - in image metadata if unspecified. May also be set - in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. type: string type: object type: object startupProbe: - description: 'StartupProbe indicates that the Pod has successfully - initialized. If specified, no other probes are executed until - this completes successfully. If this probe fails, the Pod - will be restarted, just as if the livenessProbe failed. This - can be used to provide different probe parameters at the beginning - of a Pod''s lifecycle, when it might take a long time to load - data or warm a cache, than during steady-state operation. - This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + StartupProbe indicates that the Pod has successfully initialized. + If specified, no other probes are executed until this completes successfully. + If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + when it might take a long time to load data or warm a cache, than during steady-state operation. + This cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -2458,10 +2449,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -2470,9 +2463,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. HTTP @@ -2482,9 +2475,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -2501,33 +2494,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the host. + description: |- + Scheme to use for connecting to the host. Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the probe. + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -2542,77 +2537,76 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object stdin: - description: Whether this container should allocate a buffer - for stdin in the container runtime. If this is not set, reads - from stdin in the container will always result in EOF. Default - is false. + description: |- + Whether this container should allocate a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will always result in EOF. + Default is false. type: boolean stdinOnce: - description: Whether the container runtime should close the - stdin channel after it has been opened by a single attach. - When stdin is true the stdin stream will remain open across - multiple attach sessions. If stdinOnce is set to true, stdin - is opened on container start, is empty until the first client - attaches to stdin, and then remains open and accepts data - until the client disconnects, at which time stdin is closed - and remains closed until the container is restarted. If this - flag is false, a container processes that reads from stdin - will never receive an EOF. Default is false + description: |- + Whether the container runtime should close the stdin channel after it has been opened by + a single attach. When stdin is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + first client attaches to stdin, and then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin will never receive an EOF. + Default is false type: boolean terminationMessagePath: - description: 'Optional: Path at which the file to which the - container''s termination message will be written is mounted - into the container''s filesystem. Message written is intended - to be brief final status, such as an assertion failure message. - Will be truncated by the node if greater than 4096 bytes. - The total message length across all containers will be limited - to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + description: |- + Optional: Path at which the file to which the container's termination message + will be written is mounted into the container's filesystem. + Message written is intended to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. + Cannot be updated. type: string terminationMessagePolicy: - description: Indicate how the termination message should be - populated. File will use the contents of terminationMessagePath - to populate the container status message on both success and - failure. FallbackToLogsOnError will use the last chunk of - container log output if the termination message file is empty - and the container exited with an error. The log output is - limited to 2048 bytes or 80 lines, whichever is smaller. Defaults - to File. Cannot be updated. + description: |- + Indicate how the termination message should be populated. File will use the contents of + terminationMessagePath to populate the container status message on both success and failure. + FallbackToLogsOnError will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + Defaults to File. + Cannot be updated. type: string tty: - description: Whether this container should allocate a TTY for - itself, also requires 'stdin' to be true. Default is false. + description: |- + Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + Default is false. type: boolean volumeDevices: description: volumeDevices is the list of block devices to be @@ -2635,40 +2629,44 @@ spec: type: object type: array volumeMounts: - description: Pod volumes to mount into the container's filesystem. + description: |- + Pod volumes to mount into the container's filesystem. Cannot be updated. items: description: VolumeMount describes a mounting of a Volume within a container. properties: mountPath: - description: Path within the container at which the volume - should be mounted. Must not contain ':'. + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. type: string mountPropagation: - description: mountPropagation determines how mounts are - propagated from the host to container and the other - way around. When not set, MountPropagationNone is used. + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. This field is beta in 1.10. type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. type: boolean subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). type: string subPathExpr: - description: Expanded path within the volume from which - the container's volume should be mounted. Behaves similarly - to SubPath but environment variable references $(VAR_NAME) - are expanded using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath are mutually - exclusive. + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. type: string required: - mountPath @@ -2676,111 +2674,153 @@ spec: type: object type: array workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which might - be configured in the container image. Cannot be updated. + description: |- + Container's working directory. + If not specified, the container runtime's default will be used, which + might be configured in the container image. + Cannot be updated. type: string required: - name type: object type: array enableFeatures: - description: "Enable access to Prometheus feature flags. By default, - no features are enabled. \n Enabling features which are disabled - by default is entirely outside the scope of what the maintainers - will support and by doing so, you accept that this behaviour may - break at any time without notice. \n For more information see https://prometheus.io/docs/prometheus/latest/feature_flags/" + description: |- + Enable access to Prometheus feature flags. By default, no features are enabled. + + + Enabling features which are disabled by default is entirely outside the + scope of what the maintainers will support and by doing so, you accept + that this behaviour may break at any time without notice. + + + For more information see https://prometheus.io/docs/prometheus/latest/feature_flags/ items: + minLength: 1 type: string type: array + x-kubernetes-list-type: set enableRemoteWriteReceiver: - description: "Enable Prometheus to be used as a receiver for the Prometheus - remote write protocol. \n WARNING: This is not considered an efficient - way of ingesting samples. Use it with caution for specific low-volume - use cases. It is not suitable for replacing the ingestion via scraping - and turning Prometheus into a push-based metrics collection system. + description: |- + Enable Prometheus to be used as a receiver for the Prometheus remote + write protocol. + + + WARNING: This is not considered an efficient way of ingesting samples. + Use it with caution for specific low-volume use cases. + It is not suitable for replacing the ingestion via scraping and turning + Prometheus into a push-based metrics collection system. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver - \n It requires Prometheus >= v2.33.0." + + + It requires Prometheus >= v2.33.0. type: boolean enforcedBodySizeLimit: - description: "When defined, enforcedBodySizeLimit specifies a global - limit on the size of uncompressed response body that will be accepted - by Prometheus. Targets responding with a body larger than this many - bytes will cause the scrape to fail. \n It requires Prometheus >= - v2.28.0." + description: |- + When defined, enforcedBodySizeLimit specifies a global limit on the size + of uncompressed response body that will be accepted by Prometheus. + Targets responding with a body larger than this many bytes will cause + the scrape to fail. + + + It requires Prometheus >= v2.28.0. pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$ type: string enforcedKeepDroppedTargets: - description: "When defined, enforcedKeepDroppedTargets specifies a - global limit on the number of targets dropped by relabeling that - will be kept in memory. The value overrides any `spec.keepDroppedTargets` - set by ServiceMonitor, PodMonitor, Probe objects unless `spec.keepDroppedTargets` - is greater than zero and less than `spec.enforcedKeepDroppedTargets`. - \n It requires Prometheus >= v2.47.0." + description: |- + When defined, enforcedKeepDroppedTargets specifies a global limit on the number of targets + dropped by relabeling that will be kept in memory. The value overrides + any `spec.keepDroppedTargets` set by + ServiceMonitor, PodMonitor, Probe objects unless `spec.keepDroppedTargets` is + greater than zero and less than `spec.enforcedKeepDroppedTargets`. + + + It requires Prometheus >= v2.47.0. format: int64 type: integer enforcedLabelLimit: - description: "When defined, enforcedLabelLimit specifies a global - limit on the number of labels per sample. The value overrides any - `spec.labelLimit` set by ServiceMonitor, PodMonitor, Probe objects - unless `spec.labelLimit` is greater than zero and less than `spec.enforcedLabelLimit`. - \n It requires Prometheus >= v2.27.0." + description: |- + When defined, enforcedLabelLimit specifies a global limit on the number + of labels per sample. The value overrides any `spec.labelLimit` set by + ServiceMonitor, PodMonitor, Probe objects unless `spec.labelLimit` is + greater than zero and less than `spec.enforcedLabelLimit`. + + + It requires Prometheus >= v2.27.0. format: int64 type: integer enforcedLabelNameLengthLimit: - description: "When defined, enforcedLabelNameLengthLimit specifies - a global limit on the length of labels name per sample. The value - overrides any `spec.labelNameLengthLimit` set by ServiceMonitor, - PodMonitor, Probe objects unless `spec.labelNameLengthLimit` is + description: |- + When defined, enforcedLabelNameLengthLimit specifies a global limit on the length + of labels name per sample. The value overrides any `spec.labelNameLengthLimit` set by + ServiceMonitor, PodMonitor, Probe objects unless `spec.labelNameLengthLimit` is greater than zero and less than `spec.enforcedLabelNameLengthLimit`. - \n It requires Prometheus >= v2.27.0." + + + It requires Prometheus >= v2.27.0. format: int64 type: integer enforcedLabelValueLengthLimit: - description: "When not null, enforcedLabelValueLengthLimit defines - a global limit on the length of labels value per sample. The value - overrides any `spec.labelValueLengthLimit` set by ServiceMonitor, - PodMonitor, Probe objects unless `spec.labelValueLengthLimit` is + description: |- + When not null, enforcedLabelValueLengthLimit defines a global limit on the length + of labels value per sample. The value overrides any `spec.labelValueLengthLimit` set by + ServiceMonitor, PodMonitor, Probe objects unless `spec.labelValueLengthLimit` is greater than zero and less than `spec.enforcedLabelValueLengthLimit`. - \n It requires Prometheus >= v2.27.0." + + + It requires Prometheus >= v2.27.0. format: int64 type: integer enforcedNamespaceLabel: - description: "When not empty, a label will be added to \n 1. All metrics - scraped from `ServiceMonitor`, `PodMonitor`, `Probe` and `ScrapeConfig` - objects. 2. All metrics generated from recording rules defined in - `PrometheusRule` objects. 3. All alerts generated from alerting - rules defined in `PrometheusRule` objects. 4. All vector selectors - of PromQL expressions defined in `PrometheusRule` objects. \n The - label will not added for objects referenced in `spec.excludedFromEnforcement`. - \n The label's name is this field's value. The label's value is - the namespace of the `ServiceMonitor`, `PodMonitor`, `Probe` or - `PrometheusRule` object." + description: |- + When not empty, a label will be added to: + + + 1. All metrics scraped from `ServiceMonitor`, `PodMonitor`, `Probe` and `ScrapeConfig` objects. + 2. All metrics generated from recording rules defined in `PrometheusRule` objects. + 3. All alerts generated from alerting rules defined in `PrometheusRule` objects. + 4. All vector selectors of PromQL expressions defined in `PrometheusRule` objects. + + + The label will not added for objects referenced in `spec.excludedFromEnforcement`. + + + The label's name is this field's value. + The label's value is the namespace of the `ServiceMonitor`, + `PodMonitor`, `Probe`, `PrometheusRule` or `ScrapeConfig` object. type: string enforcedSampleLimit: - description: "When defined, enforcedSampleLimit specifies a global - limit on the number of scraped samples that will be accepted. This - overrides any `spec.sampleLimit` set by ServiceMonitor, PodMonitor, - Probe objects unless `spec.sampleLimit` is greater than zero and - less than `spec.enforcedSampleLimit`. \n It is meant to be used - by admins to keep the overall number of samples/series under a desired - limit." + description: |- + When defined, enforcedSampleLimit specifies a global limit on the number + of scraped samples that will be accepted. This overrides any + `spec.sampleLimit` set by ServiceMonitor, PodMonitor, Probe objects + unless `spec.sampleLimit` is greater than zero and less than + `spec.enforcedSampleLimit`. + + + It is meant to be used by admins to keep the overall number of + samples/series under a desired limit. format: int64 type: integer enforcedTargetLimit: - description: "When defined, enforcedTargetLimit specifies a global - limit on the number of scraped targets. The value overrides any - `spec.targetLimit` set by ServiceMonitor, PodMonitor, Probe objects - unless `spec.targetLimit` is greater than zero and less than `spec.enforcedTargetLimit`. - \n It is meant to be used by admins to to keep the overall number - of targets under a desired limit." + description: |- + When defined, enforcedTargetLimit specifies a global limit on the number + of scraped targets. The value overrides any `spec.targetLimit` set by + ServiceMonitor, PodMonitor, Probe objects unless `spec.targetLimit` is + greater than zero and less than `spec.enforcedTargetLimit`. + + + It is meant to be used by admins to to keep the overall number of + targets under a desired limit. format: int64 type: integer excludedFromEnforcement: - description: "List of references to PodMonitor, ServiceMonitor, Probe - and PrometheusRule objects to be excluded from enforcing a namespace - label of origin. \n It is only applicable if `spec.enforcedNamespaceLabel` - set to true." + description: |- + List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects + to be excluded from enforcing a namespace label of origin. + + + It is only applicable if `spec.enforcedNamespaceLabel` set to true. items: description: ObjectReference references a PodMonitor, ServiceMonitor, Probe or PrometheusRule object. @@ -2797,7 +2837,9 @@ spec: in the namespace are matched. type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ minLength: 1 type: string resource: @@ -2817,22 +2859,26 @@ spec: externalLabels: additionalProperties: type: string - description: The labels to add to any time series or alerts when communicating - with external systems (federation, remote storage, Alertmanager). - Labels defined by `spec.replicaExternalLabelName` and `spec.prometheusExternalLabelName` - take precedence over this list. + description: |- + The labels to add to any time series or alerts when communicating with + external systems (federation, remote storage, Alertmanager). + Labels defined by `spec.replicaExternalLabelName` and + `spec.prometheusExternalLabelName` take precedence over this list. type: object externalUrl: - description: The external URL under which the Prometheus service is - externally available. This is necessary to generate correct URLs - (for instance if Prometheus is accessible behind an Ingress resource). + description: |- + The external URL under which the Prometheus service is externally + available. This is necessary to generate correct URLs (for instance if + Prometheus is accessible behind an Ingress resource). type: string hostAliases: - description: Optional list of hosts and IPs that will be injected - into the Pod's hosts file if specified. + description: |- + Optional list of hosts and IPs that will be injected into the Pod's + hosts file if specified. items: - description: HostAlias holds the mapping between IP and hostnames - that will be injected as an entry in the pod's hosts file. + description: |- + HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the + pod's hosts file. properties: hostnames: description: Hostnames for the above IP address. @@ -2851,31 +2897,42 @@ spec: - ip x-kubernetes-list-type: map hostNetwork: - description: "Use the host's network namespace if true. \n Make sure - to understand the security implications if you want to enable it - (https://kubernetes.io/docs/concepts/configuration/overview/). \n - When hostNetwork is enabled, this will set the DNS policy to `ClusterFirstWithHostNet` - automatically." + description: |- + Use the host's network namespace if true. + + + Make sure to understand the security implications if you want to enable + it (https://kubernetes.io/docs/concepts/configuration/overview/). + + + When hostNetwork is enabled, this will set the DNS policy to + `ClusterFirstWithHostNet` automatically. type: boolean ignoreNamespaceSelectors: - description: When true, `spec.namespaceSelector` from all PodMonitor, - ServiceMonitor and Probe objects will be ignored. They will only - discover targets within the namespace of the PodMonitor, ServiceMonitor - and Probe object. + description: |- + When true, `spec.namespaceSelector` from all PodMonitor, ServiceMonitor + and Probe objects will be ignored. They will only discover targets + within the namespace of the PodMonitor, ServiceMonitor and Probe + object. type: boolean image: - description: "Container image name for Prometheus. If specified, it - takes precedence over the `spec.baseImage`, `spec.tag` and `spec.sha` - fields. \n Specifying `spec.version` is still necessary to ensure - the Prometheus Operator knows which version of Prometheus is being - configured. \n If neither `spec.image` nor `spec.baseImage` are - defined, the operator will use the latest upstream version of Prometheus - available at the time when the operator was released." + description: |- + Container image name for Prometheus. If specified, it takes precedence + over the `spec.baseImage`, `spec.tag` and `spec.sha` fields. + + + Specifying `spec.version` is still necessary to ensure the Prometheus + Operator knows which version of Prometheus is being configured. + + + If neither `spec.image` nor `spec.baseImage` are defined, the operator + will use the latest upstream version of Prometheus available at the time + when the operator was released. type: string imagePullPolicy: - description: Image pull policy for the 'prometheus', 'init-config-reloader' - and 'config-reloader' containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy - for more details. + description: |- + Image pull policy for the 'prometheus', 'init-config-reloader' and 'config-reloader' containers. + See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. enum: - "" - Always @@ -2883,65 +2940,76 @@ spec: - IfNotPresent type: string imagePullSecrets: - description: An optional list of references to Secrets in the same - namespace to use for pulling images from registries. See http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + description: |- + An optional list of references to Secrets in the same namespace + to use for pulling images from registries. + See http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic type: array initContainers: - description: "InitContainers allows injecting initContainers to the - Pod definition. Those can be used to e.g. fetch secrets for injection - into the Prometheus configuration from external sources. Any errors - during the execution of an initContainer will lead to a restart - of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + description: |- + InitContainers allows injecting initContainers to the Pod definition. Those + can be used to e.g. fetch secrets for injection into the Prometheus + configuration from external sources. Any errors during the execution of + an initContainer will lead to a restart of the Pod. More info: + https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator generated init - containers if they share the same name and modifications are done - via a strategic merge patch. \n The names of init container name - managed by the operator are: * `init-config-reloader`. \n Overriding - init containers is entirely outside the scope of what the maintainers - will support and by doing so, you accept that this behaviour may - break at any time without notice." + containers if they share the same name and modifications are done via a + strategic merge patch. + + + The names of init container name managed by the operator are: + * `init-config-reloader`. + + + Overriding init containers is entirely outside the scope of what the + maintainers will support and by doing so, you accept that this behaviour + may break at any time without notice. items: description: A single application container that you want to run within a pod. properties: args: - description: 'Arguments to the entrypoint. The container image''s - CMD is used if this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If a variable - cannot be resolved, the reference in the input string will - be unchanged. Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - produce the string literal "$(VAR_NAME)". Escaped references - will never be expanded, regardless of whether the variable - exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: |- + Arguments to the entrypoint. + The container image's CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell items: type: string type: array command: - description: 'Entrypoint array. Not executed within a shell. - The container image''s ENTRYPOINT is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the reference - in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: - i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether - the variable exists or not. Cannot be updated. More info: - https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: |- + Entrypoint array. Not executed within a shell. + The container image's ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell items: type: string type: array env: - description: List of environment variables to set in the container. + description: |- + List of environment variables to set in the container. Cannot be updated. items: description: EnvVar represents an environment variable present @@ -2952,16 +3020,16 @@ spec: a C_IDENTIFIER. type: string value: - description: 'Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in - the container and any service environment variables. - If a variable cannot be resolved, the reference in the - input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) - syntax: i.e. "$$(VAR_NAME)" will produce the string - literal "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable exists - or not. Defaults to "".' + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". type: string valueFrom: description: Source for the environment variable's value. @@ -2974,10 +3042,10 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or @@ -2988,11 +3056,9 @@ spec: type: object x-kubernetes-map-type: atomic fieldRef: - description: 'Selects a field of the pod: supports - metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: description: Version of the schema the FieldPath @@ -3007,11 +3073,9 @@ spec: type: object x-kubernetes-map-type: atomic resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: description: 'Container name: required for volumes, @@ -3041,10 +3105,10 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its @@ -3060,13 +3124,13 @@ spec: type: object type: array envFrom: - description: List of sources to populate environment variables - in the container. The keys defined within a source must be - a C_IDENTIFIER. All invalid keys will be reported as an event - when the container is starting. When a key exists in multiple - sources, the value associated with the last source will take - precedence. Values defined by an Env with a duplicate key - will take precedence. Cannot be updated. + description: |- + List of sources to populate environment variables in the container. + The keys defined within a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will take precedence. + Cannot be updated. items: description: EnvFromSource represents the source of a set of ConfigMaps @@ -3075,9 +3139,10 @@ spec: description: The ConfigMap to select from properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be @@ -3093,9 +3158,10 @@ spec: description: The Secret to select from properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -3105,40 +3171,42 @@ spec: type: object type: array image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management - to default or override container images in workload controllers - like Deployments and StatefulSets.' + description: |- + Container image name. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. type: string imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images type: string lifecycle: - description: Actions that the management system should take - in response to container lifecycle events. Cannot be updated. + description: |- + Actions that the management system should take in response to container lifecycle events. + Cannot be updated. properties: postStart: - description: 'PostStart is called immediately after a container - is created. If the handler fails, the container is terminated - and restarted according to its restart policy. Other management - of the container blocks until the hook completes. More - info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: |- + PostStart is called immediately after a container is created. If the handler fails, + the container is terminated and restarted according to its restart policy. + Other management of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array @@ -3147,9 +3215,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. @@ -3159,9 +3227,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -3178,13 +3246,15 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port @@ -3202,10 +3272,10 @@ spec: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward compatibility. - There are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler is specified. + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: description: 'Optional: Host name to connect to, @@ -3215,40 +3285,37 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object type: object preStop: - description: 'PreStop is called immediately before a container - is terminated due to an API request or management event - such as liveness/startup probe failure, preemption, resource - contention, etc. The handler is not called if the container - crashes or exits. The Pod''s termination grace period - countdown begins before the PreStop hook is executed. - Regardless of the outcome of the handler, the container - will eventually terminate within the Pod''s termination - grace period (unless delayed by finalizers). Other management - of the container blocks until the hook completes or until - the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: |- + PreStop is called immediately before a container is terminated due to an + API request or management event such as liveness/startup probe failure, + preemption, resource contention, etc. The handler is not called if the + container crashes or exits. The Pod's termination grace period countdown begins before the + PreStop hook is executed. Regardless of the outcome of the handler, the + container will eventually terminate within the Pod's termination grace + period (unless delayed by finalizers). Other management of the container blocks until the hook completes + or until the termination grace period is reached. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array @@ -3257,9 +3324,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. @@ -3269,9 +3336,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -3288,13 +3355,15 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port @@ -3312,10 +3381,10 @@ spec: - seconds type: object tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward compatibility. - There are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler is specified. + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: description: 'Optional: Host name to connect to, @@ -3325,9 +3394,10 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port @@ -3335,30 +3405,30 @@ spec: type: object type: object livenessProbe: - description: 'Periodic probe of container liveness. Container - will be restarted if the probe fails. Cannot be updated. More - info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Periodic probe of container liveness. + Container will be restarted if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -3370,10 +3440,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -3382,9 +3454,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. HTTP @@ -3394,9 +3466,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -3413,33 +3485,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the host. + description: |- + Scheme to use for connecting to the host. Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the probe. + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -3454,78 +3528,82 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object name: - description: Name of the container specified as a DNS_LABEL. + description: |- + Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. type: string ports: - description: List of ports to expose from the container. Not - specifying a port here DOES NOT prevent that port from being - exposed. Any port which is listening on the default "0.0.0.0" - address inside a container will be accessible from the network. - Modifying this array with strategic merge patch may corrupt - the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + description: |- + List of ports to expose from the container. Not specifying a port here + DOES NOT prevent that port from being exposed. Any port which is + listening on the default "0.0.0.0" address inside a container will be + accessible from the network. + Modifying this array with strategic merge patch may corrupt the data. + For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. items: description: ContainerPort represents a network port in a single container. properties: containerPort: - description: Number of port to expose on the pod's IP - address. This must be a valid port number, 0 < x < 65536. + description: |- + Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. format: int32 type: integer hostIP: description: What host IP to bind the external port to. type: string hostPort: - description: Number of port to expose on the host. If - specified, this must be a valid port number, 0 < x < - 65536. If HostNetwork is specified, this must match - ContainerPort. Most containers do not need this. + description: |- + Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. + Most containers do not need this. format: int32 type: integer name: - description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in a pod - must have a unique name. Name for the port that can - be referred to by services. + description: |- + If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + named port in a pod must have a unique name. Name for the port that can be + referred to by services. type: string protocol: default: TCP - description: Protocol for port. Must be UDP, TCP, or SCTP. + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". type: string required: @@ -3537,30 +3615,30 @@ spec: - protocol x-kubernetes-list-type: map readinessProbe: - description: 'Periodic probe of container service readiness. - Container will be removed from service endpoints if the probe - fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -3572,10 +3650,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -3584,9 +3664,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. HTTP @@ -3596,9 +3676,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -3615,33 +3695,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the host. + description: |- + Scheme to use for connecting to the host. Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the probe. + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -3656,34 +3738,33 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object @@ -3694,12 +3775,14 @@ spec: policy for the container. properties: resourceName: - description: 'Name of the resource to which this resource - resize policy applies. Supported values: cpu, memory.' + description: |- + Name of the resource to which this resource resize policy applies. + Supported values: cpu, memory. type: string restartPolicy: - description: Restart policy to apply when specified resource - is resized. If not specified, it defaults to NotRequired. + description: |- + Restart policy to apply when specified resource is resized. + If not specified, it defaults to NotRequired. type: string required: - resourceName @@ -3708,22 +3791,29 @@ spec: type: array x-kubernetes-list-type: atomic resources: - description: 'Compute Resources required by this container. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Compute Resources required by this container. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only - be set for containers." + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available inside a container. type: string required: @@ -3740,8 +3830,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object requests: additionalProperties: @@ -3750,52 +3841,52 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests - cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ type: object type: object restartPolicy: - description: 'RestartPolicy defines the restart behavior of - individual containers in a pod. This field may only be set - for init containers, and the only allowed value is "Always". + description: |- + RestartPolicy defines the restart behavior of individual containers in a pod. + This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, - the restart behavior is defined by the Pod''s restart policy - and the container type. Setting the RestartPolicy as "Always" - for the init container will have the following effect: this - init container will be continually restarted on exit until - all regular containers have terminated. Once all regular containers - have completed, all init containers with restartPolicy "Always" - will be shut down. This lifecycle differs from normal init - containers and is often referred to as a "sidecar" container. - Although this init container still starts in the init container - sequence, it does not wait for the container to complete before - proceeding to the next init container. Instead, the next init - container starts immediately after this init container is - started, or after any startupProbe has successfully completed.' + the restart behavior is defined by the Pod's restart policy and the container type. + Setting the RestartPolicy as "Always" for the init container will have the following effect: + this init container will be continually restarted on + exit until all regular containers have terminated. Once all regular + containers have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init containers and + is often referred to as a "sidecar" container. Although this init + container still starts in the init container sequence, it does not wait + for the container to complete before proceeding to the next init + container. Instead, the next init container starts immediately after this + init container is started, or after any startupProbe has successfully + completed. type: string securityContext: - description: 'SecurityContext defines the security options the - container should be run with. If set, the fields of SecurityContext - override the equivalent fields of PodSecurityContext. More - info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + description: |- + SecurityContext defines the security options the container should be run with. + If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ properties: allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether - a process can gain more privileges than its parent process. - This bool directly controls if the no_new_privs flag will - be set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run as Privileged - 2) has CAP_SYS_ADMIN Note that this field cannot be set - when spec.os.name is windows.' + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. type: boolean capabilities: - description: The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by - the container runtime. Note that this field cannot be - set when spec.os.name is windows. + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. properties: add: description: Added capabilities @@ -3813,60 +3904,60 @@ spec: type: array type: object privileged: - description: Run container in privileged mode. Processes - in privileged containers are essentially equivalent to - root on the host. Defaults to false. Note that this field - cannot be set when spec.os.name is windows. + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. type: boolean procMount: - description: procMount denotes the type of proc mount to - use for the containers. The default is DefaultProcMount - which uses the container runtime defaults for readonly - paths and masked paths. This requires the ProcMountType - feature flag to be enabled. Note that this field cannot - be set when spec.os.name is windows. + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. type: string readOnlyRootFilesystem: - description: Whether this container has a read-only root - filesystem. Default is false. Note that this field cannot - be set when spec.os.name is windows. + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. type: boolean runAsGroup: - description: The GID to run the entrypoint of the container - process. Uses runtime default if unset. May also be set - in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set when - spec.os.name is windows. + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer runAsNonRoot: - description: Indicates that the container must run as a - non-root user. If true, the Kubelet will validate the - image at runtime to ensure that it does not run as UID - 0 (root) and fail to start the container if it does. If - unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both - SecurityContext and PodSecurityContext, the value specified - in SecurityContext takes precedence. + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. type: boolean runAsUser: - description: The UID to run the entrypoint of the container - process. Defaults to user specified in image metadata - if unspecified. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. Note - that this field cannot be set when spec.os.name is windows. + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer seLinuxOptions: - description: The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a - random SELinux context for each container. May also be - set in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set when - spec.os.name is windows. + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. properties: level: description: Level is SELinux level label that applies @@ -3886,98 +3977,93 @@ spec: type: string type: object seccompProfile: - description: The seccomp options to use by this container. - If seccomp options are provided at both the pod & container - level, the container options override the pod options. - Note that this field cannot be set when spec.os.name is - windows. + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. properties: localhostProfile: - description: localhostProfile indicates a profile defined - in a file on the node should be used. The profile - must be preconfigured on the node to work. Must be - a descending path, relative to the kubelet's configured - seccomp profile location. Must be set if type is "Localhost". - Must NOT be set for any other type. + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. type: string type: - description: "type indicates which kind of seccomp profile - will be applied. Valid options are: \n Localhost - - a profile defined in a file on the node should be - used. RuntimeDefault - the container runtime default - profile should be used. Unconfined - no profile should - be applied." + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. type: string required: - type type: object windowsOptions: - description: The Windows specific settings applied to all - containers. If unspecified, the options from the PodSecurityContext - will be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is - linux. + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. properties: gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named - by the GMSACredentialSpecName field. + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. type: string gmsaCredentialSpecName: description: GMSACredentialSpecName is the name of the GMSA credential spec to use. type: string hostProcess: - description: HostProcess determines if a container should - be run as a 'Host Process' container. All of a Pod's - containers must have the same effective HostProcess - value (it is not allowed to have a mix of HostProcess - containers and non-HostProcess containers). In addition, - if HostProcess is true then HostNetwork must also - be set to true. + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. type: boolean runAsUserName: - description: The UserName in Windows to run the entrypoint - of the container process. Defaults to the user specified - in image metadata if unspecified. May also be set - in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. type: string type: object type: object startupProbe: - description: 'StartupProbe indicates that the Pod has successfully - initialized. If specified, no other probes are executed until - this completes successfully. If this probe fails, the Pod - will be restarted, just as if the livenessProbe failed. This - can be used to provide different probe parameters at the beginning - of a Pod''s lifecycle, when it might take a long time to load - data or warm a cache, than during steady-state operation. - This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + StartupProbe indicates that the Pod has successfully initialized. + If specified, no other probes are executed until this completes successfully. + If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + when it might take a long time to load data or warm a cache, than during steady-state operation. + This cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: description: Exec specifies the action to take. properties: command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. items: type: string type: array type: object failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. format: int32 type: integer grpc: @@ -3989,10 +4075,12 @@ spec: format: int32 type: integer service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. type: string required: - port @@ -4001,9 +4089,9 @@ spec: description: HTTPGet specifies the http request to perform. properties: host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. type: string httpHeaders: description: Custom headers to set in the request. HTTP @@ -4013,9 +4101,9 @@ spec: to be used in HTTP probes properties: name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. type: string value: description: The header field value @@ -4032,33 +4120,35 @@ spec: anyOf: - type: integer - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to the host. + description: |- + Scheme to use for connecting to the host. Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer periodSeconds: - description: How often (in seconds) to perform the probe. + description: |- + How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. format: int32 type: integer successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. format: int32 type: integer tcpSocket: @@ -4073,77 +4163,76 @@ spec: anyOf: - type: integer - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. format: int64 type: integer timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes format: int32 type: integer type: object stdin: - description: Whether this container should allocate a buffer - for stdin in the container runtime. If this is not set, reads - from stdin in the container will always result in EOF. Default - is false. + description: |- + Whether this container should allocate a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will always result in EOF. + Default is false. type: boolean stdinOnce: - description: Whether the container runtime should close the - stdin channel after it has been opened by a single attach. - When stdin is true the stdin stream will remain open across - multiple attach sessions. If stdinOnce is set to true, stdin - is opened on container start, is empty until the first client - attaches to stdin, and then remains open and accepts data - until the client disconnects, at which time stdin is closed - and remains closed until the container is restarted. If this - flag is false, a container processes that reads from stdin - will never receive an EOF. Default is false + description: |- + Whether the container runtime should close the stdin channel after it has been opened by + a single attach. When stdin is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + first client attaches to stdin, and then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin will never receive an EOF. + Default is false type: boolean terminationMessagePath: - description: 'Optional: Path at which the file to which the - container''s termination message will be written is mounted - into the container''s filesystem. Message written is intended - to be brief final status, such as an assertion failure message. - Will be truncated by the node if greater than 4096 bytes. - The total message length across all containers will be limited - to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + description: |- + Optional: Path at which the file to which the container's termination message + will be written is mounted into the container's filesystem. + Message written is intended to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. + Cannot be updated. type: string terminationMessagePolicy: - description: Indicate how the termination message should be - populated. File will use the contents of terminationMessagePath - to populate the container status message on both success and - failure. FallbackToLogsOnError will use the last chunk of - container log output if the termination message file is empty - and the container exited with an error. The log output is - limited to 2048 bytes or 80 lines, whichever is smaller. Defaults - to File. Cannot be updated. + description: |- + Indicate how the termination message should be populated. File will use the contents of + terminationMessagePath to populate the container status message on both success and failure. + FallbackToLogsOnError will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + Defaults to File. + Cannot be updated. type: string tty: - description: Whether this container should allocate a TTY for - itself, also requires 'stdin' to be true. Default is false. + description: |- + Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + Default is false. type: boolean volumeDevices: description: volumeDevices is the list of block devices to be @@ -4166,40 +4255,44 @@ spec: type: object type: array volumeMounts: - description: Pod volumes to mount into the container's filesystem. + description: |- + Pod volumes to mount into the container's filesystem. Cannot be updated. items: description: VolumeMount describes a mounting of a Volume within a container. properties: mountPath: - description: Path within the container at which the volume - should be mounted. Must not contain ':'. + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. type: string mountPropagation: - description: mountPropagation determines how mounts are - propagated from the host to container and the other - way around. When not set, MountPropagationNone is used. + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. This field is beta in 1.10. type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. type: boolean subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). type: string subPathExpr: - description: Expanded path within the volume from which - the container's volume should be mounted. Behaves similarly - to SubPath but environment variable references $(VAR_NAME) - are expanded using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath are mutually - exclusive. + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. type: string required: - mountPath @@ -4207,40 +4300,47 @@ spec: type: object type: array workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which might - be configured in the container image. Cannot be updated. + description: |- + Container's working directory. + If not specified, the container runtime's default will be used, which + might be configured in the container image. + Cannot be updated. type: string required: - name type: object type: array keepDroppedTargets: - description: "Per-scrape limit on the number of targets dropped by - relabeling that will be kept in memory. 0 means no limit. \n It - requires Prometheus >= v2.47.0." + description: |- + Per-scrape limit on the number of targets dropped by relabeling + that will be kept in memory. 0 means no limit. + + + It requires Prometheus >= v2.47.0. format: int64 type: integer labelLimit: - description: Per-scrape limit on number of labels that will be accepted - for a sample. Only valid in Prometheus versions 2.45.0 and newer. + description: |- + Per-scrape limit on number of labels that will be accepted for a sample. + Only valid in Prometheus versions 2.45.0 and newer. format: int64 type: integer labelNameLengthLimit: - description: Per-scrape limit on length of labels name that will be - accepted for a sample. Only valid in Prometheus versions 2.45.0 - and newer. + description: |- + Per-scrape limit on length of labels name that will be accepted for a sample. + Only valid in Prometheus versions 2.45.0 and newer. format: int64 type: integer labelValueLengthLimit: - description: Per-scrape limit on length of labels value that will - be accepted for a sample. Only valid in Prometheus versions 2.45.0 - and newer. + description: |- + Per-scrape limit on length of labels value that will be accepted for a sample. + Only valid in Prometheus versions 2.45.0 and newer. format: int64 type: integer listenLocal: - description: When true, the Prometheus server listens on the loopback - address instead of the Pod IP's address. + description: |- + When true, the Prometheus server listens on the loopback address + instead of the Pod IP's address. type: boolean logFormat: description: Log format for Log level for Prometheus and the config-reloader @@ -4260,21 +4360,21 @@ spec: - error type: string maximumStartupDurationSeconds: - description: Defines the maximum time that the `prometheus` container's - startup probe will wait before being considered failed. The startup - probe will return success after the WAL replay is complete. If set, - the value should be greater than 60 (seconds). Otherwise it will - be equal to 600 seconds (15 minutes). + description: |- + Defines the maximum time that the `prometheus` container's startup probe will wait before being considered failed. The startup probe will return success after the WAL replay is complete. + If set, the value should be greater than 60 (seconds). Otherwise it will be equal to 600 seconds (15 minutes). format: int32 minimum: 60 type: integer minReadySeconds: - description: "Minimum number of seconds for which a newly created - Pod should be ready without any of its container crashing for it - to be considered available. Defaults to 0 (pod will be considered - available as soon as it is ready) \n This is an alpha field from - kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds - feature gate." + description: |- + Minimum number of seconds for which a newly created Pod should be ready + without any of its container crashing for it to be considered available. + Defaults to 0 (pod will be considered available as soon as it is ready) + + + This is an alpha field from kubernetes 1.22 until 1.24 which requires + enabling the StatefulSetMinReadySeconds feature gate. format: int32 type: integer nodeSelector: @@ -4283,106 +4383,117 @@ spec: description: Defines on which Nodes the Pods are scheduled. type: object overrideHonorLabels: - description: When true, Prometheus resolves label conflicts by renaming - the labels in the scraped data to "exported_