diff --git a/.github/ISSUE_TEMPLATE/new_release.md b/.github/ISSUE_TEMPLATE/new_release.md index 556d9de8..078edeb9 100644 --- a/.github/ISSUE_TEMPLATE/new_release.md +++ b/.github/ISSUE_TEMPLATE/new_release.md @@ -7,8 +7,9 @@ labels: release - [ ] Update the `$LATEST_VER` parameter in [netlify_build.sh](https://github.com/crossplane/docs/blob/master/netlify_build.sh#L3) - [ ] Update `params.latest` in [config.yaml](https://github.com/crossplane/docs/blob/master/config.yaml#L93) +- [ ] Copy Crossplane [cluster/crds](https://github.com/crossplane/crossplane/tree/main/cluster/crds) contents to `/content/master/api/crds` +- [ ] Copy `/content/master` directory to `/content/` - [ ] Update `version` in the `_index.md` file of `/content/` from `master` to the correct version. -- [ ] Copy Crossplane [cluster/crds](https://github.com/crossplane/crossplane/tree/main/cluster/crds) contents to `/content//api/crds`. -- [ ] Create a [new release/tag](https://github.com/crossplane/docs/releases/new) named "v-archive" to snapshot EOL'd docs. +- [ ] Create a [new release/tag](https://github.com/crossplane/docs/releases/new) named `v-archive` to snapshot EOL'd docs. - [ ] Remove EOL'd docs version from "/content" directory and run `hugo` locally to check for broken links. - [ ] Trigger [Algolia Crawler](https://crawler.algolia.com/) after publishing to reindex results. \ No newline at end of file diff --git a/config.yaml b/config.yaml index 6f8bf27a..49d4a3d5 100644 --- a/config.yaml +++ b/config.yaml @@ -90,7 +90,7 @@ security: # Global parameters accessible by any Page params: # The current "latest" version. Used in the version dropdown - latest: "1.19" + latest: "1.20" docs: true anchors: # Generate heading anchors for any heading between min and max diff --git a/content/v1.17/api/crds/pkg.crossplane.io_locks.yaml b/content/v1.17/api/crds/pkg.crossplane.io_locks.yaml deleted file mode 100644 index b55f731b..00000000 --- a/content/v1.17/api/crds/pkg.crossplane.io_locks.yaml +++ /dev/null @@ -1,100 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: locks.pkg.crossplane.io -spec: - group: pkg.crossplane.io - names: - kind: Lock - listKind: LockList - plural: locks - singular: lock - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: Lock is the CRD type that tracks package dependencies. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - packages: - items: - description: LockPackage is a package that is in the lock. - properties: - dependencies: - description: |- - Dependencies are the list of dependencies of this package. The order of - the dependencies will dictate the order in which they are resolved. - items: - description: A Dependency is a dependency of a package in the - lock. - properties: - constraints: - description: |- - Constraints is a valid semver range, which will be used to select a valid - dependency version. - type: string - package: - description: Package is the OCI image name without a tag or - digest. - type: string - type: - description: Type is the type of package. Can be either Configuration - or Provider. - type: string - required: - - constraints - - package - - type - type: object - type: array - name: - description: Name corresponds to the name of the package revision - for this package. - type: string - source: - description: Source is the OCI image name without a tag or digest. - type: string - type: - description: Type is the type of package. Can be either Configuration - or Provider. - type: string - version: - description: Version is the tag or digest of the OCI image. - type: string - required: - - dependencies - - name - - source - - type - - version - type: object - type: array - type: object - served: true - storage: true - subresources: - status: {} diff --git a/content/v1.17/concepts/environment-configs.md b/content/v1.17/concepts/environment-configs.md deleted file mode 100644 index 7369218e..00000000 --- a/content/v1.17/concepts/environment-configs.md +++ /dev/null @@ -1,414 +0,0 @@ ---- -title: Environment Configurations -weight: 75 -state: alpha -alphaVersion: "1.11" -description: "Environment Configurations or EnvironmentConfigs are an in-memory datastore used in Compositions" ---- - - - - -A Crossplane EnvironmentConfig is a cluster scoped -[ConfigMap](https://kubernetes.io/docs/concepts/configuration/configmap/)-like -resource used by Compositions. Compositions can use the environment to store -information from individual resources or to apply patches. - -Crossplane supports multiple EnvironmentConfigs, each acting as a unique -data store. - -When Crossplane creates a composite resource, Crossplane merges all the -EnvironmentConfigs referenced in the associated Composition and creates a unique -in-memory environment for that composite resource. - -The composite resource can read and write data to their unique -in-memory environment. - -{{}} -The in-memory environment is unique to each composite resource. -A composite resource can't read data in another composite resource's -environment. -{{< /hint >}} - -## Enable EnvironmentConfigs -EnvironmentConfigs are an alpha feature. Alpha features aren't enabled by -default. - -Enable EnvironmentConfig support by -[changing the Crossplane pod setting]({{}}) -and enabling -{{}}--enable-environment-configs{{}} -argument. - -```yaml {label="deployment",copy-lines="12"} -$ kubectl edit deployment crossplane --namespace crossplane-system -apiVersion: apps/v1 -kind: Deployment -spec: -# Removed for brevity - template: - spec: - containers: - - args: - - core - - start - - --enable-environment-configs -``` - -{{}} - -The [Crossplane install guide]({{}}) -describes enabling feature flags like -{{}}--enable-environment-configs{{}} -with Helm. -{{< /hint >}} - - -## Create an EnvironmentConfig - - -An {{}}EnvironmentConfig{{}} has a single -object field, -{{}}data{{}}. - -An EnvironmentConfig supports any data inside the -{{}}data{{}} field. - -Here an example -{{}}EnvironmentConfig{{}}. - -```yaml {label="env1"} -apiVersion: apiextensions.crossplane.io/v1alpha1 -kind: EnvironmentConfig -metadata: - name: example-environment -data: - locations: - us: us-east-2 - eu: eu-north-1 - key1: value1 - key2: value2 - key3: - - item1 - - item2 -``` - - -## Select an EnvironmentConfig - - -Select the EnvironmentConfigs to use -inside a Composition's -{{}}environment{{}} field. - -The {{}}environmentConfigs{{}} field is a -list of environments this Composition can use. - -Select an environment by -{{}}Reference{{}} or -by -{{}}Selector{{}}. - -A -{{}}Reference{{}} -selects an environment by -{{}}name{{}}. -The -{{}}Selector{{}} selects an environment -based on the -{{}}Labels{{}} applied to the environment. - -```yaml {label="comp",copy-lines="none"} -apiVersion: apiextensions.crossplane.io/v1 -kind: Composition -metadata: - name: example-composition -spec: - environment: - environmentConfigs: - - type: Reference - ref: - name: example-environment - - type: Selector - selector: - matchLabels: - # Removed for brevity -``` - -If a Composition uses multiple -{{}}environmentConfigs{{}} -Crossplane merges them together in the order they're listed. - -{{}} -If multiple -{{}}environmentConfigs{{}} -use the same key, the Composition uses the value of the last environment listed. -{{}} - -### Select by name - -Select an environment by name with -{{}}type: Reference{{}}. - -Define the -{{}}ref{{}} object and the -{{}}name{{}} matching the exact name of -the environment. - - -For example, select the -{{}}environmentConfig{{}} -named -{{}}example-environment{{}} - -```yaml {label="byName",copy-lines="all"} -apiVersion: apiextensions.crossplane.io/v1 -kind: Composition -metadata: - name: example-composition -spec: - environment: - environmentConfigs: - - type: Reference - ref: - name: example-environment -``` - -### Select by label - -Select an environment by labels with a -{{}}type: Selector{{}}. - -Define the {{}}selector{{}} object. - -The -{{}}matchLabels{{}} object contains a -list of labels to match on. - -Selecting a label requires matching both the label -{{}}key{{}} -and the value of key. - -When matching the label's value, provide an exact value with a -{{}}type: Value{{}} and provide the value -to match in the -{{}}value{{}} field. - -Crossplane can also match a label's value based on an input in the composite -resource. Use -{{}}type: FromCompositeFieldPath{{}} -and provide the field to match in the -{{}}valueFromFieldPath{{}} field. - -```yaml {label="byLabel",copy-lines="all"} -apiVersion: apiextensions.crossplane.io/v1 -kind: Composition -metadata: - name: example-composition -spec: - environment: - environmentConfigs: - - type: Selector - selector: - matchLabels: - - key: my-label-key - type: Value - value: my-label-value - - key: my-label-key - type: FromCompositeFieldPath - valueFromFieldPath: spec.parameters.deploy - # Removed for brevity -``` - -#### Manage selector results - -Selecting environments by labels may return more than one environment. -The Composition sorts all the results by the name of the environments and -only uses the first environment in the sorted list. - -Set the {{}}mode{{}} as -{{}}mode: Multiple{{}} to return -all matched environments. Use -{{}}mode: Single{{}} to -return a single environment. - -{{}} -Sorting and the selection -{{}}mode{{}} -only applies to a single -{{}}type: Selector{{}}. - -This doesn't change how Compositions merge multiple -{{}}environmentConfigs{{}}. -{{< /hint >}} - - -```yaml {label="selectResults"} -apiVersion: apiextensions.crossplane.io/v1 -kind: Composition -metadata: - name: example-composition -spec: - environment: - environmentConfigs: - - type: Selector - selector: - mode: Multiple - matchLabels: - - key: my-label-key - type: Value - value: my-label-value - - key: my-label-key - type: FromCompositeFieldPath - valueFromFieldPath: spec.parameters.deploy - - type: Selector - selector: - mode: Single - matchLabels: - - key: my-other-label-key - type: Value - value: my-other-label-value - - key: my-other-label-key - type: FromCompositeFieldPath - valueFromFieldPath: spec.parameters.deploy -``` - -When using -{{}}mode: Multiple{{}} limit the -number of returned environments with -{{}}maxMatch{{}} and define the -maximum number of environments returned. - -Use `minMatch` and define the minimum -number of environments returned. - -The Composition sorts the returned environments alphabetically by name. Sort the -environments on a different field with -{{}}sortByFieldPath{{}} and define -the field to sort by. - - -```yaml {label="maxMatch"} -apiVersion: apiextensions.crossplane.io/v1 -kind: Composition -metadata: - name: example-composition -spec: - environment: - environmentConfigs: - - type: Selector - selector: - mode: Multiple - maxMatch: 4 - sortByFieldPath: metadata.annotations[sort.by/weight] - matchLabels: - - key: my-label-key - type: Value - value: my-label-value - - key: my-label-key - type: FromCompositeFieldPath - valueFromFieldPath: spec.parameters.deploy -``` - -The environments selected by -{{}}matchLabels{{}} are then merged -into any other environments listed in the -{{}}environmentConfigs{{}}. - -#### Optional selector labels -By default, Crossplane issues an error if a -{{}}valueFromFieldPath{{}} -field doesn't exist in the composite resource. - -Add -{{}}fromFieldPathPolicy{{}} -as {{}}Optional{{}} -to ignore a field if it doesn't exist. - -```yaml {label="byLabelOptional",copy-lines="all"} -apiVersion: apiextensions.crossplane.io/v1 -kind: Composition -metadata: - name: example-composition -spec: - environment: - environmentConfigs: - - type: Selector - selector: - matchLabels: - - key: my-first-label-key - type: Value - value: my-first-label-value - - key: my-second-label-key - type: FromCompositeFieldPath - valueFromFieldPath: spec.parameters.deploy - fromFieldPathPolicy: Optional - # Removed for brevity -``` - - -Set a default value for an optional label by setting the default -{{}}value{{}} for the -{{}}key{{}} first, then -define the -{{}}Optional{{}} label. - -For example, this Composition defines -{{}}value: my-default-value{{}} -for the key {{}}my-second-label-key{{}}. -If the label -{{}}my-second-label-key{{}} -exists, Crossplane uses the value from the label instead. - -```yaml {label="byLabelOptionalDefault",copy-lines="all"} -apiVersion: apiextensions.crossplane.io/v1 -kind: Composition -metadata: - name: example-composition -spec: - environment: - environmentConfigs: - - type: Selector - selector: - matchLabels: - - key: my-first-label-key - type: Value - value: my-label-value - - key: my-second-label-key - type: Value - value: my-default-value - - key: my-second-label-key - type: FromCompositeFieldPath - valueFromFieldPath: spec.parameters.deploy - fromFieldPathPolicy: Optional - # Removed for brevity -``` - -{{}} -Crossplane applies values in order. The value of the last key defined always takes precedence. - -Defining the default value _after_ the label always overwrites the label -value. -{{< /hint >}} - -## Use EnvironmentConfigs in a Composition - -When Crossplane creates or updates a composite resource, it merges all the -specified EnvironmentConfigs into an in-memory environment. - -Crossplane sends the merged, in-memory environment to the composition function -pipeline using the -[pipeline context]({{}}). -It writes the environment to the `apiextensions.crossplane.io/environment` -context key. - -Some composition functions can read the environment from the pipeline context -and use it to compose resources. - -{{}} -The Patch and Transform function can use the environment to patch composed -resources. Read about EnvironmentConfig patch types in the -[Patch and Transform function documentation]({{}}). -{{< /hint >}} diff --git a/content/v1.17/concepts/image-configs.md b/content/v1.17/concepts/image-configs.md deleted file mode 100644 index 502f42e6..00000000 --- a/content/v1.17/concepts/image-configs.md +++ /dev/null @@ -1,86 +0,0 @@ ---- -title: Image Configs -weight: 400 -description: "Image Configs is an API for centralized control of the configuration of Crossplane package images." ---- - - - -`ImageConfig` is an API for centralized control over the configuration of -Crossplane package images. It allows you to configure package manager behavior -for images globally, without needing to be referenced by other objects. - -## Configuring a pull secret - -You can use `ImageConfig` to inject a pull secret into the Crossplane package -manager registry client whenever it interacts with the registry, such as for -dependency resolution or image pulls. - -In the following example, the `ImageConfig` resource named `acme-packages` is -configured to inject the pull secret named `acme-registry-credentials` whenever -it needs to interact with the registry for images with the prefix -`registry1.com/acme-co/`. - -```yaml -apiVersion: pkg.crossplane.io/v1beta1 -kind: ImageConfig -metadata: - name: acme-packages -spec: - matchImages: - - type: Prefix - prefix: registry1.com/acme-co/ - registry: - authentication: - pullSecretRef: - name: acme-registry-credentials -``` - -`spec.registry.authentication.pullSecretRef` is a reference to the pull secret -that should be injected into the registry client. The secret must be of type -`kubernetes.io/dockerconfigjson` and must be in the Crossplane installation -namespace, typically `crossplane-system`. One can create the secret using the -following command: - -```shell -kubectl -n crossplane-system create secret docker-registry acme-registry-credentials --docker-server=registry1.com --docker-username= --docker-password= -``` - -### Matching image references - -`spec.matchImages` is a list of image references that the `ImageConfig` applies -to. Each item in the list specifies the type and configuration of the image -reference to match. The only supported type is `Prefix`, which matches the -prefix of the image reference. No wildcards are supported. The `type` defaults -to `Prefix` and can be omitted. - -When there are multiple `ImageConfigs` matching an image reference, the one -with the longest matching prefix is selected. If there are multiple -`ImageConfigs` with the same longest matching prefix, one of them is selected -arbitrarily. Please note that this situation occurs only if there are -overlapping prefixes in the `matchImages` lists of different `ImageConfig` -resources, which should be avoided. - -### Debugging - -When the package manager selects an `ImageConfig` for a package, it throws an -event with the reason `ImageConfigSelection` and the name of the selected -`ImageConfig` and injected pull secret. You can find these events both on the -package and package revision resources. - -For example, the following event indicates that the `ImageConfig` named -`acme-packages` was selected for the configuration named `acme-configuration-foo`: - -```shell -$ kubectl describe configuration acme-configuration-foo -... -Events: - Type Reason Age From Message - ---- ------ ---- ---- ------- - Normal ImageConfigSelection 45s packages/configuration.pkg.crossplane.io Selected pullSecret "acme-registry-credentials" from ImageConfig "acme-packages" for registry authentication -``` - -If you can't find the expected event, ensure the prefix of the image reference -matches the `matchImages` list of any `ImageConfig` resources in the cluster. - - \ No newline at end of file diff --git a/content/v1.17/_index.md b/content/v1.20/_index.md similarity index 81% rename from content/v1.17/_index.md rename to content/v1.20/_index.md index 94f2d8ae..cec82e69 100644 --- a/content/v1.17/_index.md +++ b/content/v1.20/_index.md @@ -2,20 +2,20 @@ title: "Overview" weight: -1 cascade: - version: "1.17" + version: "1.20" --- {{< img src="/media/banner.png" alt="Crossplane Popsicle Truck" size="large" >}}
-Crossplane is an open source Kubernetes extension that transforms your Kubernetes -cluster into a **universal control plane**. +Crossplane is an open source Kubernetes extension that transforms your Kubernetes +cluster into a **universal control plane**. Crossplane lets you manage anything, anywhere, all through standard Kubernetes -APIs. Crossplane can even let you -[order a pizza](https://blog.crossplane.io/providers-101-ordering-pizza-with-kubernetes-and-crossplane/) -directly from Kubernetes. If it has an API, Crossplane can connect to it. +APIs. Crossplane can even let you +[order a pizza](https://blog.crossplane.io/providers-101-ordering-pizza-with-kubernetes-and-crossplane/) +directly from Kubernetes. If it has an API, Crossplane can connect to it. With Crossplane, platform teams can create new abstractions and custom APIs with the full power of Kubernetes policies, namespaces, role based access @@ -28,21 +28,21 @@ developers. A single API call can create multiple resources, in multiple clouds and use Kubernetes as the control plane for everything. {{< hint "tip" >}} -**What's a control plane?** +**What's a control plane?** Control planes create and manage the lifecycle of resources. Control planes constantly _check_ that the intended resources exist, _report_ when the intended -state doesn't match reality and _act_ to make things right. +state doesn't match reality and _act_ to make things right. Crossplane extends the Kubernetes control plane to be a **universal control -plane** to check, report and act on any resource, anywhere. +plane** to check, report and act on any resource, anywhere. {{< /hint >}} # Get started * [Install Crossplane]({{}}) in your Kubernetes cluster -* Learn more about how Crossplane works in the +* Learn more about how Crossplane works in the [Crossplane introduction]({{}}) * Join the [Crossplane Slack](https://slack.crossplane.io/) and start a conversation with a community of over 7,000 operators. diff --git a/content/v1.17/api/_index.md b/content/v1.20/api/_index.md similarity index 100% rename from content/v1.17/api/_index.md rename to content/v1.20/api/_index.md diff --git a/content/v1.17/api/crds/apiextensions.crossplane.io_compositeresourcedefinitions.yaml b/content/v1.20/api/crds/apiextensions.crossplane.io_compositeresourcedefinitions.yaml similarity index 99% rename from content/v1.17/api/crds/apiextensions.crossplane.io_compositeresourcedefinitions.yaml rename to content/v1.20/api/crds/apiextensions.crossplane.io_compositeresourcedefinitions.yaml index b71780bd..d5ee8997 100644 --- a/content/v1.17/api/crds/apiextensions.crossplane.io_compositeresourcedefinitions.yaml +++ b/content/v1.20/api/crds/apiextensions.crossplane.io_compositeresourcedefinitions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: compositeresourcedefinitions.apiextensions.crossplane.io spec: group: apiextensions.crossplane.io @@ -36,7 +36,6 @@ spec: A CompositeResourceDefinition defines the schema for a new custom Kubernetes API. - Read the Crossplane documentation for [more information about CustomResourceDefinitions](https://docs.crossplane.io/latest/concepts/composite-resource-definitions). properties: @@ -155,7 +154,6 @@ spec: service is a reference to the service for this webhook. Either service or url must be specified. - If the webhook is running within the cluster, then you should use `service`. properties: name: @@ -189,29 +187,24 @@ spec: (`scheme://host:port/path`). Exactly one of `url` or `service` must be specified. - The `host` should not refer to a service running in the cluster; use the `service` field instead. The host might be resolved via external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address. - Please note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster. - The scheme must be "https"; the URL must begin with "https://". - A path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier. - Attempting to use a user or basic auth e.g. "user:password@" is not allowed. Fragments ("#...") and query parameters ("?...") are not allowed, either. diff --git a/content/v1.17/api/crds/apiextensions.crossplane.io_compositionrevisions.yaml b/content/v1.20/api/crds/apiextensions.crossplane.io_compositionrevisions.yaml similarity index 67% rename from content/v1.17/api/crds/apiextensions.crossplane.io_compositionrevisions.yaml rename to content/v1.20/api/crds/apiextensions.crossplane.io_compositionrevisions.yaml index 22c60210..72c81b26 100644 --- a/content/v1.17/api/crds/apiextensions.crossplane.io_compositionrevisions.yaml +++ b/content/v1.20/api/crds/apiextensions.crossplane.io_compositionrevisions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: compositionrevisions.apiextensions.crossplane.io spec: group: apiextensions.crossplane.io @@ -38,7 +38,6 @@ spec: A CompositionRevision represents a revision of a Composition. Crossplane creates new revisions when there are changes to the Composition. - Crossplane creates and manages CompositionRevisions. Don't directly edit CompositionRevisions. properties: @@ -82,522 +81,19 @@ spec: x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - environment: - description: |- - Environment configures the environment in which resources are rendered. - - - THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored - unless the relevant Crossplane feature flag is enabled, and may be - changed or removed without notice. - properties: - defaultData: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: |- - DefaultData statically defines the initial state of the environment. - It has the same schema-less structure as the data field in - environment configs. - It is overwritten by the selected environment configs. - type: object - environmentConfigs: - description: |- - EnvironmentConfigs selects a list of `EnvironmentConfig`s. The resolved - resources are stored in the composite resource at - `spec.environmentConfigRefs` and is only updated if it is null. - - - The list of references is used to compute an in-memory environment at - compose time. The data of all object is merged in the order they are - listed, meaning the values of EnvironmentConfigs with a larger index take - priority over ones with smaller indices. - - - The computed environment can be accessed in a composition using - `FromEnvironmentFieldPath` and `CombineFromEnvironment` patches. - items: - description: EnvironmentSource selects a EnvironmentConfig resource. - properties: - ref: - description: |- - Ref is a named reference to a single EnvironmentConfig. - Either Ref or Selector is required. - properties: - name: - description: The name of the object. - type: string - required: - - name - type: object - selector: - description: Selector selects EnvironmentConfig(s) via labels. - properties: - matchLabels: - description: MatchLabels ensures an object with matching - labels is selected. - items: - description: |- - An EnvironmentSourceSelectorLabelMatcher acts like a k8s label selector but - can draw the label value from a different path. - properties: - fromFieldPathPolicy: - default: Required - description: |- - FromFieldPathPolicy specifies the policy for the valueFromFieldPath. - The default is Required, meaning that an error will be returned if the - field is not found in the composite resource. - Optional means that if the field is not found in the composite resource, - that label pair will just be skipped. N.B. other specified label - matchers will still be used to retrieve the desired - environment config, if any. - enum: - - Optional - - Required - type: string - key: - description: Key of the label to match. - type: string - type: - default: FromCompositeFieldPath - description: Type specifies where the value for - a label comes from. - enum: - - FromCompositeFieldPath - - Value - type: string - value: - description: Value specifies a literal label value. - type: string - valueFromFieldPath: - description: ValueFromFieldPath specifies the - field path to look for the label value. - type: string - required: - - key - type: object - type: array - maxMatch: - description: MaxMatch specifies the number of extracted - EnvironmentConfigs in Multiple mode, extracts all - if nil. - format: int64 - type: integer - minMatch: - description: MinMatch specifies the required minimum - of extracted EnvironmentConfigs in Multiple mode. - format: int64 - type: integer - mode: - default: Single - description: 'Mode specifies retrieval strategy: "Single" - or "Multiple".' - enum: - - Single - - Multiple - type: string - sortByFieldPath: - default: metadata.name - description: SortByFieldPath is the path to the field - based on which list of EnvironmentConfigs is alphabetically - sorted. - type: string - type: object - type: - default: Reference - description: |- - Type specifies the way the EnvironmentConfig is selected. - Default is `Reference` - enum: - - Reference - - Selector - type: string - type: object - type: array - patches: - description: |- - Patches is a list of environment patches that are executed before a - composition's resources are composed. - items: - description: EnvironmentPatch is a patch for a Composition environment. - properties: - combine: - description: |- - Combine is the patch configuration for a CombineFromComposite or - CombineToComposite patch. - properties: - strategy: - description: |- - Strategy defines the strategy to use to combine the input variable values. - Currently only string is supported. - enum: - - string - type: string - string: - description: |- - String declares that input variables should be combined into a single - string, using the relevant settings for formatting purposes. - properties: - fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. - type: string - required: - - fmt - type: object - variables: - description: |- - Variables are the list of variables whose values will be retrieved and - combined. - items: - description: |- - A CombineVariable defines the source of a value that is combined with - others to form and patch an output value. Currently, this only supports - retrieving values from a field path. - properties: - fromFieldPath: - description: |- - FromFieldPath is the path of the field on the source whose value is - to be used as input. - type: string - required: - - fromFieldPath - type: object - minItems: 1 - type: array - required: - - strategy - - variables - type: object - fromFieldPath: - description: |- - FromFieldPath is the path of the field on the resource whose value is - to be used as input. Required when type is FromCompositeFieldPath or - ToCompositeFieldPath. - type: string - policy: - description: Policy configures the specifics of patching - behaviour. - properties: - fromFieldPath: - description: |- - FromFieldPath specifies how to patch from a field path. The default is - 'Optional', which means the patch will be a no-op if the specified - fromFieldPath does not exist. Use 'Required' if the patch should fail if - the specified path does not exist. - enum: - - Optional - - Required - type: string - mergeOptions: - description: MergeOptions Specifies merge options on - a field path. - properties: - appendSlice: - description: Specifies that already existing elements - in a merged slice should be preserved - type: boolean - keepMapValues: - description: Specifies that already existing values - in a merged map should be preserved - type: boolean - type: object - type: object - toFieldPath: - description: |- - ToFieldPath is the path of the field on the resource whose value will - be changed with the result of transforms. Leave empty if you'd like to - propagate to the same path as fromFieldPath. - type: string - transforms: - description: |- - Transforms are the list of functions that are used as a FIFO pipe for the - input to be transformed. - items: - description: |- - Transform is a unit of process whose input is transformed into an output with - the supplied configuration. - properties: - convert: - description: Convert is used to cast the input into - the given output type. - properties: - format: - description: |- - The expected input format. - - - * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). - Only used during `string -> float64` conversions. - * `json` - parses the input as a JSON string. - Only used during `string -> object` or `string -> list` conversions. - - - If this property is null, the default conversion is applied. - enum: - - none - - quantity - - json - type: string - toType: - description: ToType is the type of the output - of this transform. - enum: - - string - - int - - int64 - - bool - - float64 - - object - - array - type: string - required: - - toType - type: object - map: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: Map uses the input as a key in the given - map and returns the value. - type: object - match: - description: Match is a more complex version of Map - that matches a list of patterns. - properties: - fallbackTo: - default: Value - description: Determines to what value the transform - should fallback if no pattern matches. - enum: - - Value - - Input - type: string - fallbackValue: - description: |- - The fallback value that should be returned by the transform if now pattern - matches. - x-kubernetes-preserve-unknown-fields: true - patterns: - description: |- - The patterns that should be tested against the input string. - Patterns are tested in order. The value of the first match is used as - result of this transform. - items: - description: |- - MatchTransformPattern is a transform that returns the value that matches a - pattern. - properties: - literal: - description: |- - Literal exactly matches the input string (case sensitive). - Is required if `type` is `literal`. - type: string - regexp: - description: |- - Regexp to match against the input string. - Is required if `type` is `regexp`. - type: string - result: - description: The value that is used as result - of the transform if the pattern matches. - x-kubernetes-preserve-unknown-fields: true - type: - default: literal - description: |- - Type specifies how the pattern matches the input. - - - * `literal` - the pattern value has to exactly match (case sensitive) the - input string. This is the default. - - - * `regexp` - the pattern treated as a regular expression against - which the input string is tested. Crossplane will throw an error if the - key is not a valid regexp. - enum: - - literal - - regexp - type: string - required: - - result - - type - type: object - type: array - type: object - math: - description: |- - Math is used to transform the input via mathematical operations such as - multiplication. - properties: - clampMax: - description: ClampMax makes sure that the value - is not bigger than the given value. - format: int64 - type: integer - clampMin: - description: ClampMin makes sure that the value - is not smaller than the given value. - format: int64 - type: integer - multiply: - description: Multiply the value. - format: int64 - type: integer - type: - default: Multiply - description: Type of the math transform to be - run. - enum: - - Multiply - - ClampMin - - ClampMax - type: string - type: object - string: - description: |- - String is used to transform the input into a string or a different kind - of string. Note that the input does not necessarily need to be a string. - properties: - convert: - description: |- - Optional conversion method to be specified. - `ToUpper` and `ToLower` change the letter case of the input string. - `ToBase64` and `FromBase64` perform a base64 conversion based on the input string. - `ToJson` converts any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate a hash value based on the input - converted to JSON. - `ToAdler32` generate a addler32 hash based on the input string. - enum: - - ToUpper - - ToLower - - ToBase64 - - FromBase64 - - ToJson - - ToSha1 - - ToSha256 - - ToSha512 - - ToAdler32 - type: string - fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. - type: string - join: - description: Join defines parameters to join a - slice of values to a string. - properties: - separator: - description: |- - Separator defines the character that should separate the values from each - other in the joined string. - type: string - required: - - separator - type: object - regexp: - description: Extract a match from the input using - a regular expression. - properties: - group: - description: Group number to match. 0 (the - default) matches the entire expression. - type: integer - match: - description: |- - Match string. May optionally include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. - type: string - required: - - match - type: object - trim: - description: Trim the prefix or suffix from the - input - type: string - type: - default: Format - description: Type of the string transform to be - run. - enum: - - Format - - Convert - - TrimPrefix - - TrimSuffix - - Regexp - - Join - type: string - type: object - type: - description: Type of the transform to be run. - enum: - - map - - match - - math - - string - - convert - type: string - required: - - type - type: object - type: array - type: - default: FromCompositeFieldPath - description: |- - Type sets the patching behaviour to be used. Each patch type may require - its own fields to be set on the Patch object. - enum: - - FromCompositeFieldPath - - ToCompositeFieldPath - - CombineFromComposite - - CombineToComposite - type: string - type: object - type: array - policy: - description: |- - Policy represents the Resolve and Resolution policies which apply to - all EnvironmentSourceReferences in EnvironmentConfigs list. - properties: - resolution: - default: Required - description: |- - Resolution specifies whether resolution of this reference is required. - The default is 'Required', which means the reconcile will fail if the - reference cannot be resolved. 'Optional' means this reference will be - a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: |- - Resolve specifies when this reference should be resolved. The default - is 'IfNotPresent', which will attempt to resolve the reference only when - the corresponding field is not present. Use 'Always' to resolve the - reference on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - type: object mode: default: Resources description: |- Mode controls what type or "mode" of Composition will be used. - "Pipeline" indicates that a Composition specifies a pipeline of Composition Functions, each of which is responsible for producing composed resources that Crossplane should create or update. - "Resources" indicates that a Composition uses what is commonly referred to as "Patch & Transform" or P&T composition. This mode of Composition uses an array of resources, each a template for a composed resource. - All Compositions should use Pipeline mode. Resources mode is deprecated. Resources mode won't be removed in Crossplane 1.x, and will remain the default to avoid breaking legacy Compositions. However, it's no longer @@ -612,11 +108,9 @@ spec: resource in this Composition. PatchSets cannot themselves refer to other PatchSets. - PatchSets are only used by the "Resources" mode of Composition. They are ignored by other modes. - Deprecated: Use Composition Functions instead. items: description: |- @@ -638,8 +132,8 @@ spec: properties: combine: description: |- - Combine is the patch configuration for a CombineFromComposite, - CombineFromEnvironment, CombineToComposite or CombineToEnvironment patch. + Combine is the patch configuration for a CombineFromComposite or + CombineToComposite patch. properties: strategy: description: |- @@ -688,8 +182,8 @@ spec: fromFieldPath: description: |- FromFieldPath is the path of the field on the resource whose value is - to be used as input. Required when type is FromCompositeFieldPath, - FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath. + to be used as input. Required when type is FromCompositeFieldPath or + ToCompositeFieldPath. type: string patchSetName: description: PatchSetName to include patches from. Required @@ -746,13 +240,11 @@ spec: description: |- The expected input format. - * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). Only used during `string -> float64` conversions. * `json` - parses the input as a JSON string. Only used during `string -> object` or `string -> list` conversions. - If this property is null, the default conversion is applied. enum: - none @@ -827,11 +319,9 @@ spec: description: |- Type specifies how the pattern matches the input. - * `literal` - the pattern value has to exactly match (case sensitive) the input string. This is the default. - * `regexp` - the pattern treated as a regular expression against which the input string is tested. Crossplane will throw an error if the key is not a valid regexp. @@ -969,14 +459,10 @@ spec: its own fields to be set on the Patch object. enum: - FromCompositeFieldPath - - FromEnvironmentFieldPath - PatchSet - ToCompositeFieldPath - - ToEnvironmentFieldPath - - CombineFromEnvironment - CombineFromComposite - CombineToComposite - - CombineToEnvironment type: string type: object type: array @@ -991,7 +477,6 @@ spec: composite resource referring to this composition is created. One of resources and pipeline must be specified - you cannot specify both. - The Pipeline is only used by the "Pipeline" mode of Composition. It is ignored by other modes. items: @@ -1075,7 +560,6 @@ spec: with which the connection details of composite resources dynamically provisioned using this composition will be published. - THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is enabled, and may be changed or removed without notice. @@ -1091,11 +575,9 @@ spec: Resources is a list of resource templates that will be used when a composite resource referring to this composition is created. - Resources are only used by the "Resources" mode of Composition. They are ignored by other modes. - Deprecated: Use Composition Functions instead. items: description: |- @@ -1178,8 +660,8 @@ spec: properties: combine: description: |- - Combine is the patch configuration for a CombineFromComposite, - CombineFromEnvironment, CombineToComposite or CombineToEnvironment patch. + Combine is the patch configuration for a CombineFromComposite or + CombineToComposite patch. properties: strategy: description: |- @@ -1228,8 +710,8 @@ spec: fromFieldPath: description: |- FromFieldPath is the path of the field on the resource whose value is - to be used as input. Required when type is FromCompositeFieldPath, - FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath. + to be used as input. Required when type is FromCompositeFieldPath or + ToCompositeFieldPath. type: string patchSetName: description: PatchSetName to include patches from. Required @@ -1286,13 +768,11 @@ spec: description: |- The expected input format. - * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). Only used during `string -> float64` conversions. * `json` - parses the input as a JSON string. Only used during `string -> object` or `string -> list` conversions. - If this property is null, the default conversion is applied. enum: - none @@ -1367,11 +847,9 @@ spec: description: |- Type specifies how the pattern matches the input. - * `literal` - the pattern value has to exactly match (case sensitive) the input string. This is the default. - * `regexp` - the pattern treated as a regular expression against which the input string is tested. Crossplane will throw an error if the key is not a valid regexp. @@ -1509,14 +987,10 @@ spec: its own fields to be set on the Patch object. enum: - FromCompositeFieldPath - - FromEnvironmentFieldPath - PatchSet - ToCompositeFieldPath - - ToEnvironmentFieldPath - - CombineFromEnvironment - CombineFromComposite - CombineToComposite - - CombineToEnvironment type: string type: object type: array @@ -1587,12 +1061,15 @@ spec: type: object type: array revision: - description: Revision number. Newer revisions have larger numbers. + description: |- + Revision number. Newer revisions have larger numbers. + + This number can change. When a Composition transitions from state A + -> B -> A there will be only two CompositionRevisions. Crossplane will + edit the original CompositionRevision to change its revision number from + 0 to 2. format: int64 type: integer - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf writeConnectionSecretsToNamespace: description: |- WriteConnectionSecretsToNamespace specifies the namespace in which the @@ -1685,7 +1162,6 @@ spec: A CompositionRevision represents a revision of a Composition. Crossplane creates new revisions when there are changes to the Composition. - Crossplane creates and manages CompositionRevisions. Don't directly edit CompositionRevisions. properties: @@ -1729,522 +1205,19 @@ spec: x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - environment: - description: |- - Environment configures the environment in which resources are rendered. - - - THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored - unless the relevant Crossplane feature flag is enabled, and may be - changed or removed without notice. - properties: - defaultData: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: |- - DefaultData statically defines the initial state of the environment. - It has the same schema-less structure as the data field in - environment configs. - It is overwritten by the selected environment configs. - type: object - environmentConfigs: - description: |- - EnvironmentConfigs selects a list of `EnvironmentConfig`s. The resolved - resources are stored in the composite resource at - `spec.environmentConfigRefs` and is only updated if it is null. - - - The list of references is used to compute an in-memory environment at - compose time. The data of all object is merged in the order they are - listed, meaning the values of EnvironmentConfigs with a larger index take - priority over ones with smaller indices. - - - The computed environment can be accessed in a composition using - `FromEnvironmentFieldPath` and `CombineFromEnvironment` patches. - items: - description: EnvironmentSource selects a EnvironmentConfig resource. - properties: - ref: - description: |- - Ref is a named reference to a single EnvironmentConfig. - Either Ref or Selector is required. - properties: - name: - description: The name of the object. - type: string - required: - - name - type: object - selector: - description: Selector selects EnvironmentConfig(s) via labels. - properties: - matchLabels: - description: MatchLabels ensures an object with matching - labels is selected. - items: - description: |- - An EnvironmentSourceSelectorLabelMatcher acts like a k8s label selector but - can draw the label value from a different path. - properties: - fromFieldPathPolicy: - default: Required - description: |- - FromFieldPathPolicy specifies the policy for the valueFromFieldPath. - The default is Required, meaning that an error will be returned if the - field is not found in the composite resource. - Optional means that if the field is not found in the composite resource, - that label pair will just be skipped. N.B. other specified label - matchers will still be used to retrieve the desired - environment config, if any. - enum: - - Optional - - Required - type: string - key: - description: Key of the label to match. - type: string - type: - default: FromCompositeFieldPath - description: Type specifies where the value for - a label comes from. - enum: - - FromCompositeFieldPath - - Value - type: string - value: - description: Value specifies a literal label value. - type: string - valueFromFieldPath: - description: ValueFromFieldPath specifies the - field path to look for the label value. - type: string - required: - - key - type: object - type: array - maxMatch: - description: MaxMatch specifies the number of extracted - EnvironmentConfigs in Multiple mode, extracts all - if nil. - format: int64 - type: integer - minMatch: - description: MinMatch specifies the required minimum - of extracted EnvironmentConfigs in Multiple mode. - format: int64 - type: integer - mode: - default: Single - description: 'Mode specifies retrieval strategy: "Single" - or "Multiple".' - enum: - - Single - - Multiple - type: string - sortByFieldPath: - default: metadata.name - description: SortByFieldPath is the path to the field - based on which list of EnvironmentConfigs is alphabetically - sorted. - type: string - type: object - type: - default: Reference - description: |- - Type specifies the way the EnvironmentConfig is selected. - Default is `Reference` - enum: - - Reference - - Selector - type: string - type: object - type: array - patches: - description: |- - Patches is a list of environment patches that are executed before a - composition's resources are composed. - items: - description: EnvironmentPatch is a patch for a Composition environment. - properties: - combine: - description: |- - Combine is the patch configuration for a CombineFromComposite or - CombineToComposite patch. - properties: - strategy: - description: |- - Strategy defines the strategy to use to combine the input variable values. - Currently only string is supported. - enum: - - string - type: string - string: - description: |- - String declares that input variables should be combined into a single - string, using the relevant settings for formatting purposes. - properties: - fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. - type: string - required: - - fmt - type: object - variables: - description: |- - Variables are the list of variables whose values will be retrieved and - combined. - items: - description: |- - A CombineVariable defines the source of a value that is combined with - others to form and patch an output value. Currently, this only supports - retrieving values from a field path. - properties: - fromFieldPath: - description: |- - FromFieldPath is the path of the field on the source whose value is - to be used as input. - type: string - required: - - fromFieldPath - type: object - minItems: 1 - type: array - required: - - strategy - - variables - type: object - fromFieldPath: - description: |- - FromFieldPath is the path of the field on the resource whose value is - to be used as input. Required when type is FromCompositeFieldPath or - ToCompositeFieldPath. - type: string - policy: - description: Policy configures the specifics of patching - behaviour. - properties: - fromFieldPath: - description: |- - FromFieldPath specifies how to patch from a field path. The default is - 'Optional', which means the patch will be a no-op if the specified - fromFieldPath does not exist. Use 'Required' if the patch should fail if - the specified path does not exist. - enum: - - Optional - - Required - type: string - mergeOptions: - description: MergeOptions Specifies merge options on - a field path. - properties: - appendSlice: - description: Specifies that already existing elements - in a merged slice should be preserved - type: boolean - keepMapValues: - description: Specifies that already existing values - in a merged map should be preserved - type: boolean - type: object - type: object - toFieldPath: - description: |- - ToFieldPath is the path of the field on the resource whose value will - be changed with the result of transforms. Leave empty if you'd like to - propagate to the same path as fromFieldPath. - type: string - transforms: - description: |- - Transforms are the list of functions that are used as a FIFO pipe for the - input to be transformed. - items: - description: |- - Transform is a unit of process whose input is transformed into an output with - the supplied configuration. - properties: - convert: - description: Convert is used to cast the input into - the given output type. - properties: - format: - description: |- - The expected input format. - - - * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). - Only used during `string -> float64` conversions. - * `json` - parses the input as a JSON string. - Only used during `string -> object` or `string -> list` conversions. - - - If this property is null, the default conversion is applied. - enum: - - none - - quantity - - json - type: string - toType: - description: ToType is the type of the output - of this transform. - enum: - - string - - int - - int64 - - bool - - float64 - - object - - array - type: string - required: - - toType - type: object - map: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: Map uses the input as a key in the given - map and returns the value. - type: object - match: - description: Match is a more complex version of Map - that matches a list of patterns. - properties: - fallbackTo: - default: Value - description: Determines to what value the transform - should fallback if no pattern matches. - enum: - - Value - - Input - type: string - fallbackValue: - description: |- - The fallback value that should be returned by the transform if now pattern - matches. - x-kubernetes-preserve-unknown-fields: true - patterns: - description: |- - The patterns that should be tested against the input string. - Patterns are tested in order. The value of the first match is used as - result of this transform. - items: - description: |- - MatchTransformPattern is a transform that returns the value that matches a - pattern. - properties: - literal: - description: |- - Literal exactly matches the input string (case sensitive). - Is required if `type` is `literal`. - type: string - regexp: - description: |- - Regexp to match against the input string. - Is required if `type` is `regexp`. - type: string - result: - description: The value that is used as result - of the transform if the pattern matches. - x-kubernetes-preserve-unknown-fields: true - type: - default: literal - description: |- - Type specifies how the pattern matches the input. - - - * `literal` - the pattern value has to exactly match (case sensitive) the - input string. This is the default. - - - * `regexp` - the pattern treated as a regular expression against - which the input string is tested. Crossplane will throw an error if the - key is not a valid regexp. - enum: - - literal - - regexp - type: string - required: - - result - - type - type: object - type: array - type: object - math: - description: |- - Math is used to transform the input via mathematical operations such as - multiplication. - properties: - clampMax: - description: ClampMax makes sure that the value - is not bigger than the given value. - format: int64 - type: integer - clampMin: - description: ClampMin makes sure that the value - is not smaller than the given value. - format: int64 - type: integer - multiply: - description: Multiply the value. - format: int64 - type: integer - type: - default: Multiply - description: Type of the math transform to be - run. - enum: - - Multiply - - ClampMin - - ClampMax - type: string - type: object - string: - description: |- - String is used to transform the input into a string or a different kind - of string. Note that the input does not necessarily need to be a string. - properties: - convert: - description: |- - Optional conversion method to be specified. - `ToUpper` and `ToLower` change the letter case of the input string. - `ToBase64` and `FromBase64` perform a base64 conversion based on the input string. - `ToJson` converts any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate a hash value based on the input - converted to JSON. - `ToAdler32` generate a addler32 hash based on the input string. - enum: - - ToUpper - - ToLower - - ToBase64 - - FromBase64 - - ToJson - - ToSha1 - - ToSha256 - - ToSha512 - - ToAdler32 - type: string - fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. - type: string - join: - description: Join defines parameters to join a - slice of values to a string. - properties: - separator: - description: |- - Separator defines the character that should separate the values from each - other in the joined string. - type: string - required: - - separator - type: object - regexp: - description: Extract a match from the input using - a regular expression. - properties: - group: - description: Group number to match. 0 (the - default) matches the entire expression. - type: integer - match: - description: |- - Match string. May optionally include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. - type: string - required: - - match - type: object - trim: - description: Trim the prefix or suffix from the - input - type: string - type: - default: Format - description: Type of the string transform to be - run. - enum: - - Format - - Convert - - TrimPrefix - - TrimSuffix - - Regexp - - Join - type: string - type: object - type: - description: Type of the transform to be run. - enum: - - map - - match - - math - - string - - convert - type: string - required: - - type - type: object - type: array - type: - default: FromCompositeFieldPath - description: |- - Type sets the patching behaviour to be used. Each patch type may require - its own fields to be set on the Patch object. - enum: - - FromCompositeFieldPath - - ToCompositeFieldPath - - CombineFromComposite - - CombineToComposite - type: string - type: object - type: array - policy: - description: |- - Policy represents the Resolve and Resolution policies which apply to - all EnvironmentSourceReferences in EnvironmentConfigs list. - properties: - resolution: - default: Required - description: |- - Resolution specifies whether resolution of this reference is required. - The default is 'Required', which means the reconcile will fail if the - reference cannot be resolved. 'Optional' means this reference will be - a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: |- - Resolve specifies when this reference should be resolved. The default - is 'IfNotPresent', which will attempt to resolve the reference only when - the corresponding field is not present. Use 'Always' to resolve the - reference on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - type: object mode: default: Resources description: |- Mode controls what type or "mode" of Composition will be used. - "Pipeline" indicates that a Composition specifies a pipeline of Composition Functions, each of which is responsible for producing composed resources that Crossplane should create or update. - "Resources" indicates that a Composition uses what is commonly referred to as "Patch & Transform" or P&T composition. This mode of Composition uses an array of resources, each a template for a composed resource. - All Compositions should use Pipeline mode. Resources mode is deprecated. Resources mode won't be removed in Crossplane 1.x, and will remain the default to avoid breaking legacy Compositions. However, it's no longer @@ -2259,11 +1232,9 @@ spec: resource in this Composition. PatchSets cannot themselves refer to other PatchSets. - PatchSets are only used by the "Resources" mode of Composition. They are ignored by other modes. - Deprecated: Use Composition Functions instead. items: description: |- @@ -2285,8 +1256,8 @@ spec: properties: combine: description: |- - Combine is the patch configuration for a CombineFromComposite, - CombineFromEnvironment, CombineToComposite or CombineToEnvironment patch. + Combine is the patch configuration for a CombineFromComposite or + CombineToComposite patch. properties: strategy: description: |- @@ -2335,8 +1306,8 @@ spec: fromFieldPath: description: |- FromFieldPath is the path of the field on the resource whose value is - to be used as input. Required when type is FromCompositeFieldPath, - FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath. + to be used as input. Required when type is FromCompositeFieldPath or + ToCompositeFieldPath. type: string patchSetName: description: PatchSetName to include patches from. Required @@ -2393,13 +1364,11 @@ spec: description: |- The expected input format. - * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). Only used during `string -> float64` conversions. * `json` - parses the input as a JSON string. Only used during `string -> object` or `string -> list` conversions. - If this property is null, the default conversion is applied. enum: - none @@ -2474,11 +1443,9 @@ spec: description: |- Type specifies how the pattern matches the input. - * `literal` - the pattern value has to exactly match (case sensitive) the input string. This is the default. - * `regexp` - the pattern treated as a regular expression against which the input string is tested. Crossplane will throw an error if the key is not a valid regexp. @@ -2616,14 +1583,10 @@ spec: its own fields to be set on the Patch object. enum: - FromCompositeFieldPath - - FromEnvironmentFieldPath - PatchSet - ToCompositeFieldPath - - ToEnvironmentFieldPath - - CombineFromEnvironment - CombineFromComposite - CombineToComposite - - CombineToEnvironment type: string type: object type: array @@ -2638,7 +1601,6 @@ spec: composite resource referring to this composition is created. One of resources and pipeline must be specified - you cannot specify both. - The Pipeline is only used by the "Pipeline" mode of Composition. It is ignored by other modes. items: @@ -2722,7 +1684,6 @@ spec: with which the connection details of composite resources dynamically provisioned using this composition will be published. - THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is enabled, and may be changed or removed without notice. @@ -2738,11 +1699,9 @@ spec: Resources is a list of resource templates that will be used when a composite resource referring to this composition is created. - Resources are only used by the "Resources" mode of Composition. They are ignored by other modes. - Deprecated: Use Composition Functions instead. items: description: |- @@ -2825,8 +1784,8 @@ spec: properties: combine: description: |- - Combine is the patch configuration for a CombineFromComposite, - CombineFromEnvironment, CombineToComposite or CombineToEnvironment patch. + Combine is the patch configuration for a CombineFromComposite or + CombineToComposite patch. properties: strategy: description: |- @@ -2875,8 +1834,8 @@ spec: fromFieldPath: description: |- FromFieldPath is the path of the field on the resource whose value is - to be used as input. Required when type is FromCompositeFieldPath, - FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath. + to be used as input. Required when type is FromCompositeFieldPath or + ToCompositeFieldPath. type: string patchSetName: description: PatchSetName to include patches from. Required @@ -2933,13 +1892,11 @@ spec: description: |- The expected input format. - * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). Only used during `string -> float64` conversions. * `json` - parses the input as a JSON string. Only used during `string -> object` or `string -> list` conversions. - If this property is null, the default conversion is applied. enum: - none @@ -3014,11 +1971,9 @@ spec: description: |- Type specifies how the pattern matches the input. - * `literal` - the pattern value has to exactly match (case sensitive) the input string. This is the default. - * `regexp` - the pattern treated as a regular expression against which the input string is tested. Crossplane will throw an error if the key is not a valid regexp. @@ -3156,14 +2111,10 @@ spec: its own fields to be set on the Patch object. enum: - FromCompositeFieldPath - - FromEnvironmentFieldPath - PatchSet - ToCompositeFieldPath - - ToEnvironmentFieldPath - - CombineFromEnvironment - CombineFromComposite - CombineToComposite - - CombineToEnvironment type: string type: object type: array @@ -3234,12 +2185,15 @@ spec: type: object type: array revision: - description: Revision number. Newer revisions have larger numbers. + description: |- + Revision number. Newer revisions have larger numbers. + + This number can change. When a Composition transitions from state A + -> B -> A there will be only two CompositionRevisions. Crossplane will + edit the original CompositionRevision to change its revision number from + 0 to 2. format: int64 type: integer - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf writeConnectionSecretsToNamespace: description: |- WriteConnectionSecretsToNamespace specifies the namespace in which the diff --git a/content/v1.17/api/crds/apiextensions.crossplane.io_compositions.yaml b/content/v1.20/api/crds/apiextensions.crossplane.io_compositions.yaml similarity index 66% rename from content/v1.17/api/crds/apiextensions.crossplane.io_compositions.yaml rename to content/v1.20/api/crds/apiextensions.crossplane.io_compositions.yaml index d8fa4067..9b97bd5d 100644 --- a/content/v1.17/api/crds/apiextensions.crossplane.io_compositions.yaml +++ b/content/v1.20/api/crds/apiextensions.crossplane.io_compositions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: compositions.apiextensions.crossplane.io spec: group: apiextensions.crossplane.io @@ -35,7 +35,6 @@ spec: A Composition defines a collection of managed resources or functions that Crossplane uses to create and manage new composite resources. - Read the Crossplane documentation for [more information about Compositions](https://docs.crossplane.io/latest/concepts/compositions). properties: @@ -77,522 +76,19 @@ spec: x-kubernetes-validations: - message: Value is immutable rule: self == oldSelf - environment: - description: |- - Environment configures the environment in which resources are rendered. - - - THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored - unless the relevant Crossplane feature flag is enabled, and may be - changed or removed without notice. - properties: - defaultData: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: |- - DefaultData statically defines the initial state of the environment. - It has the same schema-less structure as the data field in - environment configs. - It is overwritten by the selected environment configs. - type: object - environmentConfigs: - description: |- - EnvironmentConfigs selects a list of `EnvironmentConfig`s. The resolved - resources are stored in the composite resource at - `spec.environmentConfigRefs` and is only updated if it is null. - - - The list of references is used to compute an in-memory environment at - compose time. The data of all object is merged in the order they are - listed, meaning the values of EnvironmentConfigs with a larger index take - priority over ones with smaller indices. - - - The computed environment can be accessed in a composition using - `FromEnvironmentFieldPath` and `CombineFromEnvironment` patches. - items: - description: EnvironmentSource selects a EnvironmentConfig resource. - properties: - ref: - description: |- - Ref is a named reference to a single EnvironmentConfig. - Either Ref or Selector is required. - properties: - name: - description: The name of the object. - type: string - required: - - name - type: object - selector: - description: Selector selects EnvironmentConfig(s) via labels. - properties: - matchLabels: - description: MatchLabels ensures an object with matching - labels is selected. - items: - description: |- - An EnvironmentSourceSelectorLabelMatcher acts like a k8s label selector but - can draw the label value from a different path. - properties: - fromFieldPathPolicy: - default: Required - description: |- - FromFieldPathPolicy specifies the policy for the valueFromFieldPath. - The default is Required, meaning that an error will be returned if the - field is not found in the composite resource. - Optional means that if the field is not found in the composite resource, - that label pair will just be skipped. N.B. other specified label - matchers will still be used to retrieve the desired - environment config, if any. - enum: - - Optional - - Required - type: string - key: - description: Key of the label to match. - type: string - type: - default: FromCompositeFieldPath - description: Type specifies where the value for - a label comes from. - enum: - - FromCompositeFieldPath - - Value - type: string - value: - description: Value specifies a literal label value. - type: string - valueFromFieldPath: - description: ValueFromFieldPath specifies the - field path to look for the label value. - type: string - required: - - key - type: object - type: array - maxMatch: - description: MaxMatch specifies the number of extracted - EnvironmentConfigs in Multiple mode, extracts all - if nil. - format: int64 - type: integer - minMatch: - description: MinMatch specifies the required minimum - of extracted EnvironmentConfigs in Multiple mode. - format: int64 - type: integer - mode: - default: Single - description: 'Mode specifies retrieval strategy: "Single" - or "Multiple".' - enum: - - Single - - Multiple - type: string - sortByFieldPath: - default: metadata.name - description: SortByFieldPath is the path to the field - based on which list of EnvironmentConfigs is alphabetically - sorted. - type: string - type: object - type: - default: Reference - description: |- - Type specifies the way the EnvironmentConfig is selected. - Default is `Reference` - enum: - - Reference - - Selector - type: string - type: object - type: array - patches: - description: |- - Patches is a list of environment patches that are executed before a - composition's resources are composed. - items: - description: EnvironmentPatch is a patch for a Composition environment. - properties: - combine: - description: |- - Combine is the patch configuration for a CombineFromComposite or - CombineToComposite patch. - properties: - strategy: - description: |- - Strategy defines the strategy to use to combine the input variable values. - Currently only string is supported. - enum: - - string - type: string - string: - description: |- - String declares that input variables should be combined into a single - string, using the relevant settings for formatting purposes. - properties: - fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. - type: string - required: - - fmt - type: object - variables: - description: |- - Variables are the list of variables whose values will be retrieved and - combined. - items: - description: |- - A CombineVariable defines the source of a value that is combined with - others to form and patch an output value. Currently, this only supports - retrieving values from a field path. - properties: - fromFieldPath: - description: |- - FromFieldPath is the path of the field on the source whose value is - to be used as input. - type: string - required: - - fromFieldPath - type: object - minItems: 1 - type: array - required: - - strategy - - variables - type: object - fromFieldPath: - description: |- - FromFieldPath is the path of the field on the resource whose value is - to be used as input. Required when type is FromCompositeFieldPath or - ToCompositeFieldPath. - type: string - policy: - description: Policy configures the specifics of patching - behaviour. - properties: - fromFieldPath: - description: |- - FromFieldPath specifies how to patch from a field path. The default is - 'Optional', which means the patch will be a no-op if the specified - fromFieldPath does not exist. Use 'Required' if the patch should fail if - the specified path does not exist. - enum: - - Optional - - Required - type: string - mergeOptions: - description: MergeOptions Specifies merge options on - a field path. - properties: - appendSlice: - description: Specifies that already existing elements - in a merged slice should be preserved - type: boolean - keepMapValues: - description: Specifies that already existing values - in a merged map should be preserved - type: boolean - type: object - type: object - toFieldPath: - description: |- - ToFieldPath is the path of the field on the resource whose value will - be changed with the result of transforms. Leave empty if you'd like to - propagate to the same path as fromFieldPath. - type: string - transforms: - description: |- - Transforms are the list of functions that are used as a FIFO pipe for the - input to be transformed. - items: - description: |- - Transform is a unit of process whose input is transformed into an output with - the supplied configuration. - properties: - convert: - description: Convert is used to cast the input into - the given output type. - properties: - format: - description: |- - The expected input format. - - - * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). - Only used during `string -> float64` conversions. - * `json` - parses the input as a JSON string. - Only used during `string -> object` or `string -> list` conversions. - - - If this property is null, the default conversion is applied. - enum: - - none - - quantity - - json - type: string - toType: - description: ToType is the type of the output - of this transform. - enum: - - string - - int - - int64 - - bool - - float64 - - object - - array - type: string - required: - - toType - type: object - map: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: Map uses the input as a key in the given - map and returns the value. - type: object - match: - description: Match is a more complex version of Map - that matches a list of patterns. - properties: - fallbackTo: - default: Value - description: Determines to what value the transform - should fallback if no pattern matches. - enum: - - Value - - Input - type: string - fallbackValue: - description: |- - The fallback value that should be returned by the transform if now pattern - matches. - x-kubernetes-preserve-unknown-fields: true - patterns: - description: |- - The patterns that should be tested against the input string. - Patterns are tested in order. The value of the first match is used as - result of this transform. - items: - description: |- - MatchTransformPattern is a transform that returns the value that matches a - pattern. - properties: - literal: - description: |- - Literal exactly matches the input string (case sensitive). - Is required if `type` is `literal`. - type: string - regexp: - description: |- - Regexp to match against the input string. - Is required if `type` is `regexp`. - type: string - result: - description: The value that is used as result - of the transform if the pattern matches. - x-kubernetes-preserve-unknown-fields: true - type: - default: literal - description: |- - Type specifies how the pattern matches the input. - - - * `literal` - the pattern value has to exactly match (case sensitive) the - input string. This is the default. - - - * `regexp` - the pattern treated as a regular expression against - which the input string is tested. Crossplane will throw an error if the - key is not a valid regexp. - enum: - - literal - - regexp - type: string - required: - - result - - type - type: object - type: array - type: object - math: - description: |- - Math is used to transform the input via mathematical operations such as - multiplication. - properties: - clampMax: - description: ClampMax makes sure that the value - is not bigger than the given value. - format: int64 - type: integer - clampMin: - description: ClampMin makes sure that the value - is not smaller than the given value. - format: int64 - type: integer - multiply: - description: Multiply the value. - format: int64 - type: integer - type: - default: Multiply - description: Type of the math transform to be - run. - enum: - - Multiply - - ClampMin - - ClampMax - type: string - type: object - string: - description: |- - String is used to transform the input into a string or a different kind - of string. Note that the input does not necessarily need to be a string. - properties: - convert: - description: |- - Optional conversion method to be specified. - `ToUpper` and `ToLower` change the letter case of the input string. - `ToBase64` and `FromBase64` perform a base64 conversion based on the input string. - `ToJson` converts any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate a hash value based on the input - converted to JSON. - `ToAdler32` generate a addler32 hash based on the input string. - enum: - - ToUpper - - ToLower - - ToBase64 - - FromBase64 - - ToJson - - ToSha1 - - ToSha256 - - ToSha512 - - ToAdler32 - type: string - fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. - type: string - join: - description: Join defines parameters to join a - slice of values to a string. - properties: - separator: - description: |- - Separator defines the character that should separate the values from each - other in the joined string. - type: string - required: - - separator - type: object - regexp: - description: Extract a match from the input using - a regular expression. - properties: - group: - description: Group number to match. 0 (the - default) matches the entire expression. - type: integer - match: - description: |- - Match string. May optionally include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. - type: string - required: - - match - type: object - trim: - description: Trim the prefix or suffix from the - input - type: string - type: - default: Format - description: Type of the string transform to be - run. - enum: - - Format - - Convert - - TrimPrefix - - TrimSuffix - - Regexp - - Join - type: string - type: object - type: - description: Type of the transform to be run. - enum: - - map - - match - - math - - string - - convert - type: string - required: - - type - type: object - type: array - type: - default: FromCompositeFieldPath - description: |- - Type sets the patching behaviour to be used. Each patch type may require - its own fields to be set on the Patch object. - enum: - - FromCompositeFieldPath - - ToCompositeFieldPath - - CombineFromComposite - - CombineToComposite - type: string - type: object - type: array - policy: - description: |- - Policy represents the Resolve and Resolution policies which apply to - all EnvironmentSourceReferences in EnvironmentConfigs list. - properties: - resolution: - default: Required - description: |- - Resolution specifies whether resolution of this reference is required. - The default is 'Required', which means the reconcile will fail if the - reference cannot be resolved. 'Optional' means this reference will be - a no-op if it cannot be resolved. - enum: - - Required - - Optional - type: string - resolve: - description: |- - Resolve specifies when this reference should be resolved. The default - is 'IfNotPresent', which will attempt to resolve the reference only when - the corresponding field is not present. Use 'Always' to resolve the - reference on every reconcile. - enum: - - Always - - IfNotPresent - type: string - type: object - type: object mode: default: Resources description: |- Mode controls what type or "mode" of Composition will be used. - "Pipeline" indicates that a Composition specifies a pipeline of Composition Functions, each of which is responsible for producing composed resources that Crossplane should create or update. - "Resources" indicates that a Composition uses what is commonly referred to as "Patch & Transform" or P&T composition. This mode of Composition uses an array of resources, each a template for a composed resource. - All Compositions should use Pipeline mode. Resources mode is deprecated. Resources mode won't be removed in Crossplane 1.x, and will remain the default to avoid breaking legacy Compositions. However, it's no longer @@ -607,11 +103,9 @@ spec: resource in this Composition. PatchSets cannot themselves refer to other PatchSets. - PatchSets are only used by the "Resources" mode of Composition. They are ignored by other modes. - Deprecated: Use Composition Functions instead. items: description: |- @@ -633,8 +127,8 @@ spec: properties: combine: description: |- - Combine is the patch configuration for a CombineFromComposite, - CombineFromEnvironment, CombineToComposite or CombineToEnvironment patch. + Combine is the patch configuration for a CombineFromComposite or + CombineToComposite patch. properties: strategy: description: |- @@ -683,8 +177,8 @@ spec: fromFieldPath: description: |- FromFieldPath is the path of the field on the resource whose value is - to be used as input. Required when type is FromCompositeFieldPath, - FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath. + to be used as input. Required when type is FromCompositeFieldPath or + ToCompositeFieldPath. type: string patchSetName: description: PatchSetName to include patches from. Required @@ -741,13 +235,11 @@ spec: description: |- The expected input format. - * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). Only used during `string -> float64` conversions. * `json` - parses the input as a JSON string. Only used during `string -> object` or `string -> list` conversions. - If this property is null, the default conversion is applied. enum: - none @@ -822,11 +314,9 @@ spec: description: |- Type specifies how the pattern matches the input. - * `literal` - the pattern value has to exactly match (case sensitive) the input string. This is the default. - * `regexp` - the pattern treated as a regular expression against which the input string is tested. Crossplane will throw an error if the key is not a valid regexp. @@ -964,14 +454,10 @@ spec: its own fields to be set on the Patch object. enum: - FromCompositeFieldPath - - FromEnvironmentFieldPath - PatchSet - ToCompositeFieldPath - - ToEnvironmentFieldPath - - CombineFromEnvironment - CombineFromComposite - CombineToComposite - - CombineToEnvironment type: string type: object type: array @@ -986,7 +472,6 @@ spec: composite resource referring to this composition is created. One of resources and pipeline must be specified - you cannot specify both. - The Pipeline is only used by the "Pipeline" mode of Composition. It is ignored by other modes. items: @@ -1070,7 +555,6 @@ spec: with which the connection details of composite resources dynamically provisioned using this composition will be published. - THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is enabled, and may be changed or removed without notice. @@ -1086,11 +570,9 @@ spec: Resources is a list of resource templates that will be used when a composite resource referring to this composition is created. - Resources are only used by the "Resources" mode of Composition. They are ignored by other modes. - Deprecated: Use Composition Functions instead. items: description: |- @@ -1173,8 +655,8 @@ spec: properties: combine: description: |- - Combine is the patch configuration for a CombineFromComposite, - CombineFromEnvironment, CombineToComposite or CombineToEnvironment patch. + Combine is the patch configuration for a CombineFromComposite or + CombineToComposite patch. properties: strategy: description: |- @@ -1223,8 +705,8 @@ spec: fromFieldPath: description: |- FromFieldPath is the path of the field on the resource whose value is - to be used as input. Required when type is FromCompositeFieldPath, - FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath. + to be used as input. Required when type is FromCompositeFieldPath or + ToCompositeFieldPath. type: string patchSetName: description: PatchSetName to include patches from. Required @@ -1281,13 +763,11 @@ spec: description: |- The expected input format. - * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). Only used during `string -> float64` conversions. * `json` - parses the input as a JSON string. Only used during `string -> object` or `string -> list` conversions. - If this property is null, the default conversion is applied. enum: - none @@ -1362,11 +842,9 @@ spec: description: |- Type specifies how the pattern matches the input. - * `literal` - the pattern value has to exactly match (case sensitive) the input string. This is the default. - * `regexp` - the pattern treated as a regular expression against which the input string is tested. Crossplane will throw an error if the key is not a valid regexp. @@ -1504,14 +982,10 @@ spec: its own fields to be set on the Patch object. enum: - FromCompositeFieldPath - - FromEnvironmentFieldPath - PatchSet - ToCompositeFieldPath - - ToEnvironmentFieldPath - - CombineFromEnvironment - CombineFromComposite - CombineToComposite - - CombineToEnvironment type: string type: object type: array diff --git a/content/v1.17/api/crds/apiextensions.crossplane.io_environmentconfigs.yaml b/content/v1.20/api/crds/apiextensions.crossplane.io_environmentconfigs.yaml similarity index 54% rename from content/v1.17/api/crds/apiextensions.crossplane.io_environmentconfigs.yaml rename to content/v1.20/api/crds/apiextensions.crossplane.io_environmentconfigs.yaml index 03db70ad..065e14ec 100644 --- a/content/v1.17/api/crds/apiextensions.crossplane.io_environmentconfigs.yaml +++ b/content/v1.20/api/crds/apiextensions.crossplane.io_environmentconfigs.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: environmentconfigs.apiextensions.crossplane.io spec: group: apiextensions.crossplane.io @@ -29,6 +29,47 @@ spec: An EnvironmentConfig contains user-defined unstructured values for use in a Composition. + Read the Crossplane documentation for + [more information about EnvironmentConfigs](https://docs.crossplane.io/latest/concepts/environment-configs). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + data: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + description: |- + The data of this EnvironmentConfig. + This may contain any kind of structure that can be serialized into JSON. + type: object + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + type: object + served: true + storage: false + subresources: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + An EnvironmentConfig contains user-defined unstructured values for + use in a Composition. Read the Crossplane documentation for [more information about EnvironmentConfigs](https://docs.crossplane.io/latest/concepts/environment-configs). diff --git a/content/v1.17/api/crds/apiextensions.crossplane.io_usages.yaml b/content/v1.20/api/crds/apiextensions.crossplane.io_usages.yaml similarity index 50% rename from content/v1.17/api/crds/apiextensions.crossplane.io_usages.yaml rename to content/v1.20/api/crds/apiextensions.crossplane.io_usages.yaml index 34b65899..a7624da7 100644 --- a/content/v1.17/api/crds/apiextensions.crossplane.io_usages.yaml +++ b/content/v1.20/api/crds/apiextensions.crossplane.io_usages.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: usages.apiextensions.crossplane.io spec: group: apiextensions.crossplane.io @@ -32,11 +32,9 @@ spec: description: |- A Usage defines a deletion blocking relationship between two resources. - Usages prevent accidental deletion of a single resource or deletion of resources with dependent resources. - Read the Crossplane documentation for [more information about Compositions](https://docs.crossplane.io/latest/concepts/usages). properties: @@ -215,3 +213,200 @@ spec: storage: true subresources: status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.annotations.crossplane\.io/usage-details + name: DETAILS + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: |- + A Usage defines a deletion blocking relationship between two resources. + + Usages prevent accidental deletion of a single resource or deletion of + resources with dependent resources. + + Read the Crossplane documentation for + [more information about Compositions](https://docs.crossplane.io/latest/concepts/usages). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: UsageSpec defines the desired state of Usage. + properties: + by: + description: By is the resource that is "using the other resource". + properties: + apiVersion: + description: API version of the referent. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + resourceRef: + description: Reference to the resource. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + resourceSelector: + description: |- + Selector to the resource. + This field will be ignored if ResourceRef is set. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + type: object + type: object + x-kubernetes-validations: + - message: either a resource reference or a resource selector should + be set. + rule: has(self.resourceRef) || has(self.resourceSelector) + of: + description: Of is the resource that is "being used". + properties: + apiVersion: + description: API version of the referent. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + resourceRef: + description: Reference to the resource. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + resourceSelector: + description: |- + Selector to the resource. + This field will be ignored if ResourceRef is set. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + type: object + type: object + x-kubernetes-validations: + - message: either a resource reference or a resource selector should + be set. + rule: has(self.resourceRef) || has(self.resourceSelector) + reason: + description: Reason is the reason for blocking deletion of the resource. + type: string + replayDeletion: + description: ReplayDeletion will trigger a deletion on the used resource + during the deletion of the usage itself, if it was attempted to + be deleted at least once. + type: boolean + required: + - of + type: object + x-kubernetes-validations: + - message: either "spec.by" or "spec.reason" must be specified. + rule: has(self.by) || has(self.reason) + status: + description: UsageStatus defines the observed state of Usage. + properties: + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. + format: date-time + type: string + message: + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. + type: string + observedGeneration: + description: |- + ObservedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: A Reason for this condition's last transition from + one status to another. + type: string + status: + description: Status of this condition; is it currently True, + False, or Unknown? + type: string + type: + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} diff --git a/content/v1.17/api/crds/pkg.crossplane.io_configurationrevisions.yaml b/content/v1.20/api/crds/pkg.crossplane.io_configurationrevisions.yaml similarity index 88% rename from content/v1.17/api/crds/pkg.crossplane.io_configurationrevisions.yaml rename to content/v1.20/api/crds/pkg.crossplane.io_configurationrevisions.yaml index d1b5ef78..5fc418dd 100644 --- a/content/v1.17/api/crds/pkg.crossplane.io_configurationrevisions.yaml +++ b/content/v1.20/api/crds/pkg.crossplane.io_configurationrevisions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: configurationrevisions.pkg.crossplane.io spec: group: pkg.crossplane.io @@ -46,7 +46,6 @@ spec: A ConfigurationRevision represents a revision of a Configuration. Crossplane creates new revisions when there are changes to a Configuration. - Crossplane creates and manages ConfigurationRevision. Don't directly edit ConfigurationRevisions. properties: @@ -113,10 +112,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -144,6 +146,27 @@ spec: description: PackageRevisionStatus represents the observed state of a PackageRevision. properties: + appliedImageConfigRefs: + description: |- + AppliedImageConfigRefs records any image configs that were applied in + reconciling this revision, and what they were used for. + items: + description: |- + ImageConfigRef is a reference to an image config that indicates how the + referenced image config was used by the package manager. + properties: + name: + description: Name is the name of the image config. + type: string + reason: + description: Reason indicates what the image config was used + for. + type: string + required: + - name + - reason + type: object + type: array conditions: description: Conditions of the resource. items: @@ -279,6 +302,12 @@ spec: - verbs type: object type: array + resolvedImage: + description: |- + ResolvedPackage is the name of the package that was installed. It may be + different from spec.image if the package path was rewritten using an + image config. + type: string type: object type: object served: true diff --git a/content/v1.17/api/crds/pkg.crossplane.io_configurations.yaml b/content/v1.20/api/crds/pkg.crossplane.io_configurations.yaml similarity index 84% rename from content/v1.17/api/crds/pkg.crossplane.io_configurations.yaml rename to content/v1.20/api/crds/pkg.crossplane.io_configurations.yaml index 68281a42..05f33741 100644 --- a/content/v1.17/api/crds/pkg.crossplane.io_configurations.yaml +++ b/content/v1.20/api/crds/pkg.crossplane.io_configurations.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: configurations.pkg.crossplane.io spec: group: pkg.crossplane.io @@ -38,7 +38,6 @@ spec: Crossplane with support for new kinds of CompositeResourceDefinitions and Compositions. - Read the Crossplane documentation for [more information about Configuration packages](https://docs.crossplane.io/latest/concepts/packages). properties: @@ -99,10 +98,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -136,6 +138,27 @@ spec: status: description: ConfigurationStatus represents the observed state of a Configuration. properties: + appliedImageConfigRefs: + description: |- + AppliedImageConfigRefs records any image configs that were applied in + reconciling this package, and what they were used for. + items: + description: |- + ImageConfigRef is a reference to an image config that indicates how the + referenced image config was used by the package manager. + properties: + name: + description: Name is the name of the image config. + type: string + reason: + description: Reason indicates what the image config was used + for. + type: string + required: + - name + - reason + type: object + type: array conditions: description: Conditions of the resource. items: @@ -197,6 +220,12 @@ spec: reflect the most up to date revision, whether it has been activated or not. type: string + resolvedPackage: + description: |- + ResolvedPackage is the name of the package that was used for version + resolution. It may be different from spec.package if the package path was + rewritten using an image config. + type: string type: object type: object served: true diff --git a/content/v1.17/api/crds/pkg.crossplane.io_controllerconfigs.yaml b/content/v1.20/api/crds/pkg.crossplane.io_controllerconfigs.yaml similarity index 94% rename from content/v1.17/api/crds/pkg.crossplane.io_controllerconfigs.yaml rename to content/v1.20/api/crds/pkg.crossplane.io_controllerconfigs.yaml index 50dbff68..03bc569b 100644 --- a/content/v1.17/api/crds/pkg.crossplane.io_controllerconfigs.yaml +++ b/content/v1.20/api/crds/pkg.crossplane.io_controllerconfigs.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: controllerconfigs.pkg.crossplane.io spec: group: pkg.crossplane.io @@ -30,7 +30,6 @@ spec: [DeploymentRuntimeConfig](https://docs.crossplane.io/latest/concepts/providers#runtime-configuration) instead. - Read the [Package Runtime Configuration](https://github.com/crossplane/crossplane/blob/11bbe13ea3604928cc4e24e8d0d18f3f5f7e847c/design/one-pager-package-runtime-config.md) design document for more details. @@ -342,7 +341,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -357,7 +356,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -523,7 +522,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -538,7 +537,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -701,7 +700,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -716,7 +715,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -882,7 +881,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -897,7 +896,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -1025,10 +1024,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its key @@ -1087,10 +1089,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key must @@ -1120,10 +1125,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -1138,10 +1146,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -1179,10 +1190,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -1259,12 +1273,10 @@ spec: Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: - 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- - If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows. format: int64 @@ -1351,7 +1363,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -1361,18 +1372,28 @@ spec: type: object supplementalGroups: description: |- - A list of groups applied to the first process run in each container, in addition - to the container's primary GID, the fsGroup (if specified), and group memberships - defined in the container image for the uid of the container process. If unspecified, - no additional groups are added to any container. Note that group memberships - defined in the container image for the uid of the container process are still effective, - even if they are not included in this list. + A list of groups applied to the first process run in each container, in + addition to the container's primary GID and fsGroup (if specified). If + the SupplementalGroupsPolicy feature is enabled, the + supplementalGroupsPolicy field determines whether these are in addition + to or instead of any group memberships defined in the container image. + If unspecified, no additional groups are added, though group memberships + defined in the container image may still be used, depending on the + supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows. items: format: int64 type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + description: |- + Defines how supplemental groups of the first container processes are calculated. + Valid values are "Merge" and "Strict". If not specified, "Merge" is used. + (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled + and the container runtime must implement support for this feature. + Note that this field cannot be set when spec.os.name is windows. + type: string sysctls: description: |- Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported @@ -1494,11 +1515,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -1509,6 +1528,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -1620,7 +1645,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -1702,7 +1727,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -1832,10 +1856,8 @@ spec: RecursiveReadOnly specifies whether read-only mounts should be handled recursively. - If ReadOnly is false, this field has no meaning and must be unspecified. - If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this @@ -1843,11 +1865,9 @@ spec: supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. - If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). - If this field is not specified, it is treated as an equivalent of Disabled. type: string subPath: @@ -1887,7 +1907,6 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -1927,6 +1946,7 @@ spec: storage type: string fsType: + default: ext4 description: |- fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. @@ -1939,6 +1959,7 @@ spec: disk (only in managed availability set). defaults to shared' type: string readOnly: + default: false description: |- readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. @@ -2000,10 +2021,13 @@ spec: More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2039,10 +2063,13 @@ spec: to OpenStack. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2108,10 +2135,13 @@ spec: type: array x-kubernetes-list-type: atomic name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap or its @@ -2144,10 +2174,13 @@ spec: secret object contains more than one secret, all secret references are passed. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2284,7 +2317,6 @@ spec: The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. - Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity @@ -2295,17 +2327,14 @@ spec: information on the connection between this volume type and PersistentVolumeClaim). - Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. - Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. - A pod can use both types of ephemeral volumes and persistent volumes at the same time. properties: @@ -2319,7 +2348,6 @@ spec: entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). - An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until @@ -2329,11 +2357,9 @@ spec: this should not be necessary, but it may be useful when manually reconstructing a broken cluster. - This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. - Required, must not be nil. properties: metadata: @@ -2553,7 +2579,7 @@ spec: set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -2579,7 +2605,6 @@ spec: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - TODO: how do we prevent errors in the filesystem from compromising the machine type: string lun: description: 'lun is Optional: FC target lun number' @@ -2641,10 +2666,13 @@ spec: scripts. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2678,7 +2706,6 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -2759,9 +2786,6 @@ spec: used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- - TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - mount host directories as read/write. properties: path: description: |- @@ -2778,6 +2802,41 @@ spec: required: - path type: object + image: + description: |- + image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. + The volume is resolved at pod startup depending on which PullPolicy value is provided: + + - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + + The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. + A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. + The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. + The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. + The volume will be mounted read-only (ro) and non-executable files (noexec). + Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. + properties: + pullPolicy: + description: |- + Policy for pulling OCI objects. Possible values are: + Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + type: string + reference: + description: |- + Required: Image or artifact reference to be used. + Behaves in the same way as pod.spec.containers[*].image. + Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. + type: string + type: object iscsi: description: |- iscsi represents an ISCSI Disk resource that is attached to a @@ -2798,7 +2857,6 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem from compromising the machine type: string initiatorName: description: |- @@ -2810,6 +2868,7 @@ spec: description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: + default: default description: |- iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). @@ -2836,10 +2895,13 @@ spec: and initiator authentication properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2956,24 +3018,24 @@ spec: format: int32 type: integer sources: - description: sources is the list of volume projections + description: |- + sources is the list of volume projections. Each entry in this list + handles one source. items: - description: Projection that may be projected along with - other supported volume types + description: |- + Projection that may be projected along with other supported volume types. + Exactly one of these fields must be set. properties: clusterTrustBundle: description: |- ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. - Alpha, gated by the ClusterTrustBundleProjection feature gate. - ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. - Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. @@ -3101,10 +3163,13 @@ spec: type: array x-kubernetes-list-type: atomic name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the ConfigMap @@ -3236,10 +3301,13 @@ spec: type: array x-kubernetes-list-type: atomic name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional field specify whether the @@ -3329,7 +3397,6 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem from compromising the machine type: string image: description: |- @@ -3337,6 +3404,7 @@ spec: More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string keyring: + default: /etc/ceph/keyring description: |- keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. @@ -3351,6 +3419,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd description: |- pool is the rados pool name. Default is rbd. @@ -3370,14 +3439,18 @@ spec: More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic user: + default: admin description: |- user is the rados user name. Default is admin. @@ -3392,6 +3465,7 @@ spec: attached and mounted on Kubernetes nodes. properties: fsType: + default: xfs description: |- fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. @@ -3417,10 +3491,13 @@ spec: sensitive information. If this is not provided, Login operation will fail. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3429,6 +3506,7 @@ spec: with Gateway, default false type: boolean storageMode: + default: ThinProvisioned description: |- storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. @@ -3536,10 +3614,13 @@ spec: credentials. If not specified, default values will be attempted. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic diff --git a/content/v1.17/api/crds/pkg.crossplane.io_deploymentruntimeconfigs.yaml b/content/v1.20/api/crds/pkg.crossplane.io_deploymentruntimeconfigs.yaml similarity index 96% rename from content/v1.17/api/crds/pkg.crossplane.io_deploymentruntimeconfigs.yaml rename to content/v1.20/api/crds/pkg.crossplane.io_deploymentruntimeconfigs.yaml index 35a599ab..9e3d4807 100644 --- a/content/v1.17/api/crds/pkg.crossplane.io_deploymentruntimeconfigs.yaml +++ b/content/v1.20/api/crds/pkg.crossplane.io_deploymentruntimeconfigs.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: deploymentruntimeconfigs.pkg.crossplane.io spec: group: pkg.crossplane.io @@ -26,7 +26,6 @@ spec: The DeploymentRuntimeConfig provides settings for the Kubernetes Deployment of a Provider or composition function package. - Read the Crossplane documentation for [more information about DeploymentRuntimeConfigs](https://docs.crossplane.io/latest/concepts/providers/#runtime-configuration). properties: @@ -177,9 +176,6 @@ spec: description: |- Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate. - --- - TODO: Update this to follow our convention for oneOf, whatever we decide it - to be. properties: maxSurge: anyOf: @@ -553,7 +549,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -568,7 +564,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -738,7 +734,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -753,7 +749,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -922,7 +918,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -937,7 +933,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -1107,7 +1103,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -1122,7 +1118,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -1284,10 +1280,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the @@ -1354,10 +1353,13 @@ spec: secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the @@ -1391,10 +1393,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -1411,10 +1416,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -1719,11 +1727,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -1940,11 +1948,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -2098,11 +2106,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references @@ -2114,6 +2120,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -2237,7 +2249,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -2319,7 +2331,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -2404,11 +2415,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -2629,10 +2640,8 @@ spec: RecursiveReadOnly specifies whether read-only mounts should be handled recursively. - If ReadOnly is false, this field has no meaning and must be unspecified. - If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this @@ -2640,11 +2649,9 @@ spec: supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. - If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). - If this field is not specified, it is treated as an equivalent of Disabled. type: string subPath: @@ -2753,7 +2760,6 @@ spec: removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the Pod to exceed its resource allocation. - To add an ephemeral container, use the ephemeralcontainers subresource of an existing Pod. Ephemeral containers may not be removed or restarted. properties: @@ -2821,10 +2827,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the @@ -2891,10 +2900,13 @@ spec: secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the @@ -2928,10 +2940,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -2948,10 +2963,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -3250,11 +3268,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -3461,11 +3479,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -3618,11 +3636,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references @@ -3634,6 +3650,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -3745,7 +3767,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -3827,7 +3849,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -3906,11 +3927,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -4052,7 +4073,6 @@ spec: The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec. - The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined. type: string @@ -4141,10 +4161,8 @@ spec: RecursiveReadOnly specifies whether read-only mounts should be handled recursively. - If ReadOnly is false, this field has no meaning and must be unspecified. - If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this @@ -4152,11 +4170,9 @@ spec: supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. - If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). - If this field is not specified, it is treated as an equivalent of Disabled. type: string subPath: @@ -4262,10 +4278,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string required: - name @@ -4358,10 +4377,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the @@ -4428,10 +4450,13 @@ spec: secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the @@ -4465,10 +4490,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -4485,10 +4513,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -4793,11 +4824,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5014,11 +5045,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5172,11 +5203,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references @@ -5188,6 +5217,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -5311,7 +5346,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -5393,7 +5428,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -5478,11 +5512,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -5703,10 +5737,8 @@ spec: RecursiveReadOnly specifies whether read-only mounts should be handled recursively. - If ReadOnly is false, this field has no meaning and must be unspecified. - If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this @@ -5714,11 +5746,9 @@ spec: supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. - If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). - If this field is not specified, it is treated as an equivalent of Disabled. type: string subPath: @@ -5757,9 +5787,11 @@ spec: x-kubernetes-list-type: map nodeName: description: |- - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits resource - requirements. + NodeName indicates in which node this pod is scheduled. + If empty, this pod is a candidate for scheduling by the scheduler defined in schedulerName. + Once this field is set, the kubelet for this node becomes responsible for the lifecycle of this pod. + This field should not be used to express a desire for the pod to be scheduled on a specific node. + https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodename type: string nodeSelector: additionalProperties: @@ -5775,11 +5807,9 @@ spec: Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set. - If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions - If the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC @@ -5794,6 +5824,7 @@ spec: - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups + - spec.securityContext.supplementalGroupsPolicy - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile @@ -5882,15 +5913,16 @@ spec: will be made available to those containers which consume them by name. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. items: description: |- - PodResourceClaim references exactly one ResourceClaim through a ClaimSource. + PodResourceClaim references exactly one ResourceClaim, either directly + or by naming a ResourceClaimTemplate which is then turned into a ResourceClaim + for the pod. + It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. Containers that need access to the ResourceClaim reference it with this name. properties: @@ -5899,33 +5931,32 @@ spec: Name uniquely identifies this resource claim inside the pod. This must be a DNS_LABEL. type: string - source: - description: Source describes where to find - the ResourceClaim. - properties: - resourceClaimName: - description: |- - ResourceClaimName is the name of a ResourceClaim object in the same - namespace as this pod. - type: string - resourceClaimTemplateName: - description: |- - ResourceClaimTemplateName is the name of a ResourceClaimTemplate - object in the same namespace as this pod. + resourceClaimName: + description: |- + ResourceClaimName is the name of a ResourceClaim object in the same + namespace as this pod. + Exactly one of ResourceClaimName and ResourceClaimTemplateName must + be set. + type: string + resourceClaimTemplateName: + description: |- + ResourceClaimTemplateName is the name of a ResourceClaimTemplate + object in the same namespace as this pod. - The template will be used to create a new ResourceClaim, which will - be bound to this pod. When this pod is deleted, the ResourceClaim - will also be deleted. The pod name and resource name, along with a - generated component, will be used to form a unique name for the - ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. + The template will be used to create a new ResourceClaim, which will + be bound to this pod. When this pod is deleted, the ResourceClaim + will also be deleted. The pod name and resource name, along with a + generated component, will be used to form a unique name for the + ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. + This field is immutable and no changes will be made to the + corresponding ResourceClaim by the control plane after creating the + ResourceClaim. - This field is immutable and no changes will be made to the - corresponding ResourceClaim by the control plane after creating the - ResourceClaim. - type: string - type: object + Exactly one of ResourceClaimName and ResourceClaimTemplateName must + be set. + type: string required: - name type: object @@ -5959,7 +5990,6 @@ spec: If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. - SchedulingGates can only be set at pod creation time, and be removed only afterwards. items: description: PodSchedulingGate is associated to @@ -6011,12 +6041,10 @@ spec: Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: - 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- - If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows. format: int64 @@ -6103,7 +6131,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -6113,18 +6140,28 @@ spec: type: object supplementalGroups: description: |- - A list of groups applied to the first process run in each container, in addition - to the container's primary GID, the fsGroup (if specified), and group memberships - defined in the container image for the uid of the container process. If unspecified, - no additional groups are added to any container. Note that group memberships - defined in the container image for the uid of the container process are still effective, - even if they are not included in this list. + A list of groups applied to the first process run in each container, in + addition to the container's primary GID and fsGroup (if specified). If + the SupplementalGroupsPolicy feature is enabled, the + supplementalGroupsPolicy field determines whether these are in addition + to or instead of any group memberships defined in the container image. + If unspecified, no additional groups are added, though group memberships + defined in the container image may still be used, depending on the + supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows. items: format: int64 type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + description: |- + Defines how supplemental groups of the first container processes are calculated. + Valid values are "Merge" and "Strict". If not specified, "Merge" is used. + (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled + and the container runtime must implement support for this feature. + Note that this field cannot be set when spec.os.name is windows. + type: string sysctls: description: |- Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported @@ -6332,7 +6369,6 @@ spec: Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). items: type: string @@ -6372,7 +6408,6 @@ spec: Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | @@ -6390,7 +6425,6 @@ spec: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -6402,7 +6436,6 @@ spec: has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string @@ -6471,7 +6504,6 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -6512,6 +6544,7 @@ spec: disk in the blob storage type: string fsType: + default: ext4 description: |- fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. @@ -6525,6 +6558,7 @@ spec: availability set). defaults to shared' type: string readOnly: + default: false description: |- readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. @@ -6590,10 +6624,13 @@ spec: More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6629,10 +6666,13 @@ spec: to OpenStack. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6699,10 +6739,13 @@ spec: type: array x-kubernetes-list-type: atomic name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify whether the @@ -6735,10 +6778,13 @@ spec: secret object contains more than one secret, all secret references are passed. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -6886,7 +6932,6 @@ spec: The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. - Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity @@ -6897,17 +6942,14 @@ spec: information on the connection between this volume type and PersistentVolumeClaim). - Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. - Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. - A pod can use both types of ephemeral volumes and persistent volumes at the same time. properties: @@ -6921,7 +6963,6 @@ spec: entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). - An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until @@ -6931,11 +6972,9 @@ spec: this should not be necessary, but it may be useful when manually reconstructing a broken cluster. - This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. - Required, must not be nil. properties: metadata: @@ -7158,7 +7197,7 @@ spec: set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -7185,7 +7224,6 @@ spec: fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - TODO: how do we prevent errors in the filesystem from compromising the machine type: string lun: description: 'lun is Optional: FC target @@ -7248,10 +7286,13 @@ spec: scripts. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7287,7 +7328,6 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem from compromising the machine type: string partition: description: |- @@ -7368,9 +7408,6 @@ spec: used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- - TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - mount host directories as read/write. properties: path: description: |- @@ -7387,6 +7424,41 @@ spec: required: - path type: object + image: + description: |- + image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. + The volume is resolved at pod startup depending on which PullPolicy value is provided: + + - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + + The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. + A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. + The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. + The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. + The volume will be mounted read-only (ro) and non-executable files (noexec). + Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. + properties: + pullPolicy: + description: |- + Policy for pulling OCI objects. Possible values are: + Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + type: string + reference: + description: |- + Required: Image or artifact reference to be used. + Behaves in the same way as pod.spec.containers[*].image. + Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. + type: string + type: object iscsi: description: |- iscsi represents an ISCSI Disk resource that is attached to a @@ -7407,7 +7479,6 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem from compromising the machine type: string initiatorName: description: |- @@ -7420,6 +7491,7 @@ spec: Name. type: string iscsiInterface: + default: default description: |- iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). @@ -7447,10 +7519,13 @@ spec: for iSCSI target and initiator authentication properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -7571,25 +7646,24 @@ spec: format: int32 type: integer sources: - description: sources is the list of volume - projections + description: |- + sources is the list of volume projections. Each entry in this list + handles one source. items: - description: Projection that may be projected - along with other supported volume types + description: |- + Projection that may be projected along with other supported volume types. + Exactly one of these fields must be set. properties: clusterTrustBundle: description: |- ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. - Alpha, gated by the ClusterTrustBundleProjection feature gate. - ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. - Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. @@ -7722,10 +7796,13 @@ spec: type: array x-kubernetes-list-type: atomic name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional specify @@ -7873,10 +7950,13 @@ spec: type: array x-kubernetes-list-type: atomic name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: optional field specify @@ -7968,7 +8048,6 @@ spec: Tip: Ensure that the filesystem type is supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem from compromising the machine type: string image: description: |- @@ -7976,6 +8055,7 @@ spec: More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string keyring: + default: /etc/ceph/keyring description: |- keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. @@ -7990,6 +8070,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd description: |- pool is the rados pool name. Default is rbd. @@ -8009,14 +8090,18 @@ spec: More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic user: + default: admin description: |- user is the rados user name. Default is admin. @@ -8032,6 +8117,7 @@ spec: nodes. properties: fsType: + default: xfs description: |- fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. @@ -8058,10 +8144,13 @@ spec: sensitive information. If this is not provided, Login operation will fail. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -8071,6 +8160,7 @@ spec: false type: boolean storageMode: + default: ThinProvisioned description: |- storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. @@ -8181,10 +8271,13 @@ spec: credentials. If not specified, default values will be attempted. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic diff --git a/content/v1.17/api/crds/pkg.crossplane.io_functionrevisions.yaml b/content/v1.20/api/crds/pkg.crossplane.io_functionrevisions.yaml similarity index 90% rename from content/v1.17/api/crds/pkg.crossplane.io_functionrevisions.yaml rename to content/v1.20/api/crds/pkg.crossplane.io_functionrevisions.yaml index 0de8d314..e0fc5a26 100644 --- a/content/v1.17/api/crds/pkg.crossplane.io_functionrevisions.yaml +++ b/content/v1.20/api/crds/pkg.crossplane.io_functionrevisions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: functionrevisions.pkg.crossplane.io spec: group: pkg.crossplane.io @@ -46,7 +46,6 @@ spec: A FunctionRevision represents a revision of a Function. Crossplane creates new revisions when there are changes to the Function. - Crossplane creates and manages FunctionRevisions. Don't directly edit FunctionRevisions. properties: @@ -125,10 +124,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -187,6 +189,27 @@ spec: description: FunctionRevisionStatus represents the observed state of a FunctionRevision. properties: + appliedImageConfigRefs: + description: |- + AppliedImageConfigRefs records any image configs that were applied in + reconciling this revision, and what they were used for. + items: + description: |- + ImageConfigRef is a reference to an image config that indicates how the + referenced image config was used by the package manager. + properties: + name: + description: Name is the name of the image config. + type: string + reason: + description: Reason indicates what the image config was used + for. + type: string + required: + - name + - reason + type: object + type: array conditions: description: Conditions of the resource. items: @@ -327,6 +350,12 @@ spec: - verbs type: object type: array + resolvedImage: + description: |- + ResolvedPackage is the name of the package that was installed. It may be + different from spec.image if the package path was rewritten using an + image config. + type: string type: object type: object served: true @@ -362,7 +391,6 @@ spec: A FunctionRevision represents a revision of a Function. Crossplane creates new revisions when there are changes to the Function. - Crossplane creates and manages FunctionRevisions. Don't directly edit FunctionRevisions. properties: @@ -441,10 +469,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -503,6 +534,27 @@ spec: description: FunctionRevisionStatus represents the observed state of a FunctionRevision. properties: + appliedImageConfigRefs: + description: |- + AppliedImageConfigRefs records any image configs that were applied in + reconciling this revision, and what they were used for. + items: + description: |- + ImageConfigRef is a reference to an image config that indicates how the + referenced image config was used by the package manager. + properties: + name: + description: Name is the name of the image config. + type: string + reason: + description: Reason indicates what the image config was used + for. + type: string + required: + - name + - reason + type: object + type: array conditions: description: Conditions of the resource. items: @@ -643,6 +695,12 @@ spec: - verbs type: object type: array + resolvedImage: + description: |- + ResolvedPackage is the name of the package that was installed. It may be + different from spec.image if the package path was rewritten using an + image config. + type: string type: object type: object served: true diff --git a/content/v1.17/api/crds/pkg.crossplane.io_functions.yaml b/content/v1.20/api/crds/pkg.crossplane.io_functions.yaml similarity index 86% rename from content/v1.17/api/crds/pkg.crossplane.io_functions.yaml rename to content/v1.20/api/crds/pkg.crossplane.io_functions.yaml index e6183b3e..67b74eed 100644 --- a/content/v1.17/api/crds/pkg.crossplane.io_functions.yaml +++ b/content/v1.20/api/crds/pkg.crossplane.io_functions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: functions.pkg.crossplane.io spec: group: pkg.crossplane.io @@ -37,7 +37,6 @@ spec: A Function installs an OCI compatible Crossplane package, extending Crossplane with support for a new kind of composition function. - Read the Crossplane documentation for [more information about Functions](https://docs.crossplane.io/latest/concepts/composition-functions). properties: @@ -108,10 +107,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -166,6 +168,27 @@ spec: status: description: FunctionStatus represents the observed state of a Function. properties: + appliedImageConfigRefs: + description: |- + AppliedImageConfigRefs records any image configs that were applied in + reconciling this package, and what they were used for. + items: + description: |- + ImageConfigRef is a reference to an image config that indicates how the + referenced image config was used by the package manager. + properties: + name: + description: Name is the name of the image config. + type: string + reason: + description: Reason indicates what the image config was used + for. + type: string + required: + - name + - reason + type: object + type: array conditions: description: Conditions of the resource. items: @@ -227,6 +250,12 @@ spec: reflect the most up to date revision, whether it has been activated or not. type: string + resolvedPackage: + description: |- + ResolvedPackage is the name of the package that was used for version + resolution. It may be different from spec.package if the package path was + rewritten using an image config. + type: string type: object type: object served: true @@ -253,7 +282,6 @@ spec: A Function installs an OCI compatible Crossplane package, extending Crossplane with support for a new kind of composition function. - Read the Crossplane documentation for [more information about Functions](https://docs.crossplane.io/latest/concepts/composition-functions). properties: @@ -324,10 +352,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -382,6 +413,27 @@ spec: status: description: FunctionStatus represents the observed state of a Function. properties: + appliedImageConfigRefs: + description: |- + AppliedImageConfigRefs records any image configs that were applied in + reconciling this package, and what they were used for. + items: + description: |- + ImageConfigRef is a reference to an image config that indicates how the + referenced image config was used by the package manager. + properties: + name: + description: Name is the name of the image config. + type: string + reason: + description: Reason indicates what the image config was used + for. + type: string + required: + - name + - reason + type: object + type: array conditions: description: Conditions of the resource. items: @@ -443,6 +495,12 @@ spec: reflect the most up to date revision, whether it has been activated or not. type: string + resolvedPackage: + description: |- + ResolvedPackage is the name of the package that was used for version + resolution. It may be different from spec.package if the package path was + rewritten using an image config. + type: string type: object type: object served: true diff --git a/content/v1.20/api/crds/pkg.crossplane.io_imageconfigs.yaml b/content/v1.20/api/crds/pkg.crossplane.io_imageconfigs.yaml new file mode 100644 index 00000000..25367790 --- /dev/null +++ b/content/v1.20/api/crds/pkg.crossplane.io_imageconfigs.yaml @@ -0,0 +1,249 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.5 + name: imageconfigs.pkg.crossplane.io +spec: + group: pkg.crossplane.io + names: + categories: + - crossplane + kind: ImageConfig + listKind: ImageConfigList + plural: imageconfigs + singular: imageconfig + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: The ImageConfig resource is used to configure settings for package + images. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ImageConfigSpec contains the configuration for matching images. + properties: + matchImages: + description: |- + MatchImages is a list of image matching rules. This ImageConfig will + match an image if any one of these rules is satisfied. In the case where + multiple ImageConfigs match an image for a given purpose the one with the + most specific match will be used. If multiple rules of equal specificity + match an arbitrary one will be selected. + items: + description: ImageMatch defines a rule for matching image. + properties: + prefix: + description: |- + Prefix is the prefix that should be matched. When multiple prefix rules + match an image path, the longest one takes precedence. + type: string + type: + default: Prefix + description: Type is the type of match. + enum: + - Prefix + type: string + required: + - prefix + type: object + type: array + x-kubernetes-validations: + - message: matchImages should have at least one element. + rule: size(self) > 0 + registry: + description: Registry is the configuration for the registry. + properties: + authentication: + description: Authentication is the authentication information + for the registry. + properties: + pullSecretRef: + description: |- + PullSecretRef is a reference to a secret that contains the credentials for + the registry. + properties: + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic + required: + - pullSecretRef + type: object + type: object + rewriteImage: + description: RewriteImage defines how a matched image's path should + be rewritten. + properties: + prefix: + description: |- + Prefix is the prefix that will replace the portion of the image's path + matched by the prefix in the ImageMatch. If multiple prefixes matched, + the longest one will be replaced. + type: string + required: + - prefix + type: object + verification: + description: Verification contains the configuration for verifying + the image. + properties: + cosign: + description: Cosign is the configuration for verifying the image + using cosign. + properties: + authorities: + description: Authorities defines the rules for discovering + and validating signatures. + items: + description: CosignAuthority defines the rules for discovering + and validating signatures. + properties: + attestations: + description: |- + Attestations is a list of individual attestations for this authority, + once the signature for this authority has been verified. + items: + description: |- + Attestation defines the type of attestation to validate and optionally + apply a policy decision to it. Authority block is used to verify the + specified attestation types, and if Policy is specified, then it's applied + only after the validation of the Attestation signature has been verified. + properties: + name: + description: Name of the attestation. + type: string + predicateType: + description: |- + PredicateType defines which predicate type to verify. Matches cosign + verify-attestation options. + type: string + required: + - name + - predicateType + type: object + type: array + key: + description: Key defines the type of key to validate + the image. + properties: + hashAlgorithm: + default: sha256 + description: HashAlgorithm always defaults to sha256 + if the algorithm hasn't been explicitly set + type: string + secretRef: + description: SecretRef sets a reference to a secret + with the key. + properties: + key: + description: The key to select. + type: string + name: + description: Name of the secret. + type: string + required: + - key + - name + type: object + required: + - hashAlgorithm + - secretRef + type: object + keyless: + description: |- + Keyless sets the configuration to verify the authority against a Fulcio + instance. + properties: + identities: + description: Identities sets a list of identities. + items: + description: |- + Identity may contain the issuer and/or the subject found in the transparency + log. + Issuer/Subject uses a strict match, while IssuerRegExp and SubjectRegExp + apply a regexp for matching. + properties: + issuer: + description: Issuer defines the issuer for + this identity. + type: string + issuerRegExp: + description: |- + IssuerRegExp specifies a regular expression to match the issuer for this identity. + This has precedence over the Issuer field. + type: string + subject: + description: Subject defines the subject for + this identity. + type: string + subjectRegExp: + description: |- + SubjectRegExp specifies a regular expression to match the subject for this identity. + This has precedence over the Subject field. + type: string + type: object + type: array + insecureIgnoreSCT: + description: InsecureIgnoreSCT omits verifying if + a certificate contains an embedded SCT + type: boolean + required: + - identities + type: object + name: + description: Name is the name for this authority. + type: string + required: + - name + type: object + type: array + required: + - authorities + type: object + provider: + description: Provider is the provider that should be used to verify + the image. + enum: + - Cosign + type: string + required: + - provider + type: object + required: + - matchImages + type: object + type: object + served: true + storage: true + subresources: {} diff --git a/content/v1.20/api/crds/pkg.crossplane.io_locks.yaml b/content/v1.20/api/crds/pkg.crossplane.io_locks.yaml new file mode 100644 index 00000000..ac1a1546 --- /dev/null +++ b/content/v1.20/api/crds/pkg.crossplane.io_locks.yaml @@ -0,0 +1,171 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.5 + name: locks.pkg.crossplane.io +spec: + group: pkg.crossplane.io + names: + kind: Lock + listKind: LockList + plural: locks + singular: lock + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: Lock is the CRD type that tracks package dependencies. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + packages: + items: + description: LockPackage is a package that is in the lock. + properties: + apiVersion: + description: APIVersion of the package. + type: string + dependencies: + description: |- + Dependencies are the list of dependencies of this package. The order of + the dependencies will dictate the order in which they are resolved. + items: + description: A Dependency is a dependency of a package in the + lock. + properties: + apiVersion: + description: APIVersion of the package. + type: string + constraints: + description: |- + Constraints is a valid semver range or a digest, which will be used to select a valid + dependency version. + type: string + kind: + description: Kind of the package (not the kind of the package + revision). + type: string + package: + description: Package is the OCI image name without a tag or + digest. + type: string + type: + description: |- + Type is the type of package. Can be either Configuration or Provider. + Deprecated: Specify an apiVersion and kind instead. + enum: + - Configuration + - Provider + - Function + type: string + required: + - constraints + - package + type: object + type: array + kind: + description: Kind of the package (not the kind of the package revision). + type: string + name: + description: Name corresponds to the name of the package revision + for this package. + type: string + source: + description: Source is the OCI image name without a tag or digest. + type: string + type: + description: |- + Type is the type of package. + Deprecated: Specify an apiVersion and kind instead. + enum: + - Configuration + - Provider + - Function + type: string + version: + description: Version is the tag or digest of the OCI image. + type: string + required: + - dependencies + - name + - source + - version + type: object + type: array + status: + description: Status of the Lock. + properties: + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: |- + LastTransitionTime is the last time this condition transitioned from one + status to another. + format: date-time + type: string + message: + description: |- + A Message containing details about this condition's last transition from + one status to another, if any. + type: string + observedGeneration: + description: |- + ObservedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: A Reason for this condition's last transition from + one status to another. + type: string + status: + description: Status of this condition; is it currently True, + False, or Unknown? + type: string + type: + description: |- + Type of this condition. At most one of each condition type may apply to + a resource at any point in time. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/content/v1.17/api/crds/pkg.crossplane.io_providerrevisions.yaml b/content/v1.20/api/crds/pkg.crossplane.io_providerrevisions.yaml similarity index 90% rename from content/v1.17/api/crds/pkg.crossplane.io_providerrevisions.yaml rename to content/v1.20/api/crds/pkg.crossplane.io_providerrevisions.yaml index ecafb876..27e60e74 100644 --- a/content/v1.17/api/crds/pkg.crossplane.io_providerrevisions.yaml +++ b/content/v1.20/api/crds/pkg.crossplane.io_providerrevisions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: providerrevisions.pkg.crossplane.io spec: group: pkg.crossplane.io @@ -46,7 +46,6 @@ spec: A ProviderRevision represents a revision of a Provider. Crossplane creates new revisions when there are changes to a Provider. - Crossplane creates and manages ProviderRevisions. Don't directly edit ProviderRevisions. properties: @@ -125,10 +124,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -187,6 +189,27 @@ spec: description: PackageRevisionStatus represents the observed state of a PackageRevision. properties: + appliedImageConfigRefs: + description: |- + AppliedImageConfigRefs records any image configs that were applied in + reconciling this revision, and what they were used for. + items: + description: |- + ImageConfigRef is a reference to an image config that indicates how the + referenced image config was used by the package manager. + properties: + name: + description: Name is the name of the image config. + type: string + reason: + description: Reason indicates what the image config was used + for. + type: string + required: + - name + - reason + type: object + type: array conditions: description: Conditions of the resource. items: @@ -322,6 +345,12 @@ spec: - verbs type: object type: array + resolvedImage: + description: |- + ResolvedPackage is the name of the package that was installed. It may be + different from spec.image if the package path was rewritten using an + image config. + type: string type: object type: object served: true diff --git a/content/v1.17/api/crds/pkg.crossplane.io_providers.yaml b/content/v1.20/api/crds/pkg.crossplane.io_providers.yaml similarity index 86% rename from content/v1.17/api/crds/pkg.crossplane.io_providers.yaml rename to content/v1.20/api/crds/pkg.crossplane.io_providers.yaml index 677fbf9c..69abaefd 100644 --- a/content/v1.17/api/crds/pkg.crossplane.io_providers.yaml +++ b/content/v1.20/api/crds/pkg.crossplane.io_providers.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: providers.pkg.crossplane.io spec: group: pkg.crossplane.io @@ -37,7 +37,6 @@ spec: A Provider installs an OCI compatible Crossplane package, extending Crossplane with support for new kinds of managed resources. - Read the Crossplane documentation for [more information about Providers](https://docs.crossplane.io/latest/concepts/providers). properties: @@ -110,10 +109,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -168,6 +170,27 @@ spec: status: description: ProviderStatus represents the observed state of a Provider. properties: + appliedImageConfigRefs: + description: |- + AppliedImageConfigRefs records any image configs that were applied in + reconciling this package, and what they were used for. + items: + description: |- + ImageConfigRef is a reference to an image config that indicates how the + referenced image config was used by the package manager. + properties: + name: + description: Name is the name of the image config. + type: string + reason: + description: Reason indicates what the image config was used + for. + type: string + required: + - name + - reason + type: object + type: array conditions: description: Conditions of the resource. items: @@ -229,6 +252,12 @@ spec: reflect the most up to date revision, whether it has been activated or not. type: string + resolvedPackage: + description: |- + ResolvedPackage is the name of the package that was used for version + resolution. It may be different from spec.package if the package path was + rewritten using an image config. + type: string type: object type: object served: true diff --git a/content/v1.17/api/crds/secrets.crossplane.io_storeconfigs.yaml b/content/v1.20/api/crds/secrets.crossplane.io_storeconfigs.yaml similarity index 99% rename from content/v1.17/api/crds/secrets.crossplane.io_storeconfigs.yaml rename to content/v1.20/api/crds/secrets.crossplane.io_storeconfigs.yaml index 85ffc16a..31e23b8c 100644 --- a/content/v1.17/api/crds/secrets.crossplane.io_storeconfigs.yaml +++ b/content/v1.20/api/crds/secrets.crossplane.io_storeconfigs.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: storeconfigs.secrets.crossplane.io spec: group: secrets.crossplane.io diff --git a/content/v1.17/cli/_index.md b/content/v1.20/cli/_index.md similarity index 77% rename from content/v1.17/cli/_index.md rename to content/v1.20/cli/_index.md index 373f705d..b6f2e6ec 100644 --- a/content/v1.17/cli/_index.md +++ b/content/v1.20/cli/_index.md @@ -61,4 +61,21 @@ By default the CLI installs from the `XP_CHANNEL` named `stable` and the For example, to install CLI version `v1.14.0` add `XP_VERSION=v1.14.0` to the download script curl command: -`curl -sL "https://raw.githubusercontent.com/crossplane/crossplane/main/install.sh" | XP_VERSION=v1.14.0 sh` \ No newline at end of file +`curl -sL "https://raw.githubusercontent.com/crossplane/crossplane/main/install.sh" | XP_VERSION=v1.14.0 sh` + +## Installing shell autocompletions + +The Crossplane CLI supports shell autocompletions for `bash`, `zsh` and `fish`. +You can install the autocompletions with the `completions` command by adding it to +your shell's configuration file. + +```shell +source <(crossplane completions) +``` + +{{}} +The `completions` command generates the autocompletions for your default shell. +It's not possible to generate autocompletions for a different shell, if you want to +install the autocompletions for a different shell, you have to configure the Crossplane +CLI as the completer manually. +{{< /hint >}} diff --git a/content/v1.17/cli/command-reference.md b/content/v1.20/cli/command-reference.md similarity index 99% rename from content/v1.17/cli/command-reference.md rename to content/v1.20/cli/command-reference.md index c90aa629..7e442888 100644 --- a/content/v1.17/cli/command-reference.md +++ b/content/v1.20/cli/command-reference.md @@ -322,7 +322,7 @@ inside Crossplane. The `` is either a `configuration`, `function` or `provider`. -For example, to install to the latest version of the +For example, to install the latest version of the [AWS S3 provider](https://github.com/crossplane-contrib/provider-upjet-aws): `crossplane xpkg install provider xpkg.crossplane.io/crossplane-contrib/provider-aws-s3:v1.21.1` @@ -902,6 +902,7 @@ A Kubernetes cluster running Crossplane isn't required. | | `--cache-dir=".crossplane/cache"` | Specify the absolute path to the cache directory to store downloaded schemas. | | | `--clean-cache` | Clean the cache directory before downloading package schemas. | | | `--skip-success-results` | Skip printing success results. | +| | `--error-on-missing-schemas` | Return a non zero exit code if any schemas are missing. | | | `--verbose` | Print verbose logging statements. | {{< /table >}} diff --git a/content/v1.17/concepts/_index.md b/content/v1.20/concepts/_index.md similarity index 100% rename from content/v1.17/concepts/_index.md rename to content/v1.20/concepts/_index.md diff --git a/content/v1.17/concepts/claims.md b/content/v1.20/concepts/claims.md similarity index 100% rename from content/v1.17/concepts/claims.md rename to content/v1.20/concepts/claims.md diff --git a/content/v1.17/concepts/composite-resource-definitions.md b/content/v1.20/concepts/composite-resource-definitions.md similarity index 100% rename from content/v1.17/concepts/composite-resource-definitions.md rename to content/v1.20/concepts/composite-resource-definitions.md diff --git a/content/v1.17/concepts/composite-resources.md b/content/v1.20/concepts/composite-resources.md similarity index 100% rename from content/v1.17/concepts/composite-resources.md rename to content/v1.20/concepts/composite-resources.md diff --git a/content/v1.17/concepts/composition-revisions.md b/content/v1.20/concepts/composition-revisions.md similarity index 98% rename from content/v1.17/concepts/composition-revisions.md rename to content/v1.20/concepts/composition-revisions.md index 173557c9..877c5feb 100644 --- a/content/v1.17/concepts/composition-revisions.md +++ b/content/v1.20/concepts/composition-revisions.md @@ -16,10 +16,10 @@ database configuration of an Azure MySQL Server and a few firewall rules. The `Composition` contains the 'base' configuration for the MySQL server and the firewall rules that are extended by the configuration for the `PlatformDB`. -A `Composition` is associated with multiple XRs that make use of it. You might -define a `Composition` named `big-platform-db` that's used by ten different -`PlatformDB` XRs. Usually, in the interest of self-service, the `Composition` -is managed by a different team from the actual `PlatformDB` XRs. For example +A `Composition` is associated with multiple XRs that make use of it. You might +define a `Composition` named `big-platform-db` that's used by ten different +`PlatformDB` XRs. Usually, in the interest of self-service, the `Composition` +is managed by a different team from the actual `PlatformDB` XRs. For example the `Composition` may be written and maintained by a platform team member, while individual application teams create `PlatformDB` XRs that use said `Composition`. @@ -130,9 +130,9 @@ spec: This tutorial discusses how CompositionRevisions work and how they manage Composite Resource (XR) updates. This starts with a `Composition` and `CompositeResourceDefinition` (XRD) that defines a `MyVPC` resource and continues with creating multiple XRs to observe different upgrade paths. Crossplane will -assign different CompositionRevisions to the created composite resources each time the composition is updated. +assign different CompositionRevisions to the created composite resources each time the composition is updated. -### Preparation +### Preparation ##### Install Crossplane Install Crossplane v1.11.0 or later and wait until the Crossplane pods are running. ```shell @@ -325,7 +325,7 @@ The `vpc-staging` XR label doesn't match any existing Composition Revisions. ### Create new Composition revisions Crossplane creates a new CompositionRevision when a Composition is created or updated. Label and annotation changes will -also trigger a new CompositionRevision. +also trigger a new CompositionRevision. #### Update the Composition label Update the `Composition` label to `channel: staging`: diff --git a/content/v1.17/concepts/compositions.md b/content/v1.20/concepts/compositions.md similarity index 94% rename from content/v1.17/concepts/compositions.md rename to content/v1.20/concepts/compositions.md index c61ff666..0afa0b6a 100644 --- a/content/v1.17/concepts/compositions.md +++ b/content/v1.20/concepts/compositions.md @@ -1,7 +1,7 @@ --- title: Compositions weight: 30 -aliases: +aliases: - composition - composition-functions - /knowledge-base/guides/composition-functions @@ -9,14 +9,14 @@ description: "Compositions are a template for creating Crossplane resources" --- Compositions are a template for creating multiple managed resources as a single -object. +object. A Composition _composes_ individual managed resources together into a larger, reusable, solution. An example Composition may combine a virtual machine, storage resources and networking policies. A Composition template links all these individual -resources together. +resources together. Here's an example Composition. When you create an {{}}AcmeBucket{{}} composite resource @@ -57,12 +57,12 @@ Crossplane has four core components that users commonly mix up: * Compositions - This page. A template to define how to create resources. * [Composite Resource Definition]({{}}) - (`XRD`) - A custom API specification. + (`XRD`) - A custom API specification. * [Composite Resource]({{}}) (`XR`) - Created by using the custom API defined in a Composite Resource Definition. XRs use the - Composition template to create new managed resources. + Composition template to create new managed resources. * [Claims]({{}}) (`XRC`) - Like a Composite Resource, but - with namespace scoping. + with namespace scoping. {{}} ## Create a Composition @@ -83,8 +83,8 @@ resource (XR). {{}} The Crossplane community has built lots of functions that let you template Crossplane resources using -[CUE](https://github.com/crossplane-contrib/function-cue), -[KCL](https://github.com/crossplane-contrib/function-kcl), +[CUE](https://github.com/crossplane-contrib/function-cue), +[KCL](https://github.com/crossplane-contrib/function-kcl), Helm-like [Go templates](https://github.com/crossplane-contrib/function-go-templating) or legacy Crossplane @@ -111,7 +111,7 @@ but the feature is no longer maintained. Crossplane doesn't accept new See the [CLI documentation]({{}}) to learn how to use the `crossplane beta convert` command to convert a legacy -`Resources` Composition to the `Pipeline` mode. +`Resources` Composition to the `Pipeline` mode. {{< /hint >}} @@ -174,36 +174,36 @@ composite resource owns. Crossplane knows what Function to call when a composite resource changes by looking at the Composition the composite resource uses. -To use composition functions set the Composition +To use composition functions set the Composition {{}}mode{{}} to {{}}Pipeline{{}}. -Define a {{}}pipeline{{}} of -{{}}steps{{}}. Each -{{}}step{{}} calls a Function. +Define a {{}}pipeline{{}} of +{{}}steps{{}}. Each +{{}}step{{}} calls a Function. -Each {{}}step{{}} uses a +Each {{}}step{{}} uses a {{}}functionRef{{}} to reference the -{{}}name{{}} of the Function to call. +{{}}name{{}} of the Function to call. {{}} -Compositions using {{}}mode: Pipeline{{}} -can't specify resource templates with a `resources` field. +Compositions using {{}}mode: Pipeline{{}} +can't specify resource templates with a `resources` field. Use function "Patch and Transform" to create resource templates. {{< /hint >}} -Some Functions also allow you to specify an -{{}}input{{}}. +Some Functions also allow you to specify an +{{}}input{{}}. The function defines the {{}}kind{{}} of input. This example uses [Function Patch and Transform]({{}}). Function Patch and Transform implements Crossplane resource -templates. -The input kind is {{}}Resources{{}}, +templates. +The input kind is {{}}Resources{{}}, and it accepts {{}}resources{{}} as input. ```yaml {label="single",copy-lines="none"} @@ -239,7 +239,7 @@ calls them all. It calls them in the order they appear in the pipeline. Crossplane passes each Function in the pipeline the result of the previous Function. This enables powerful combinations of Functions. In this example, Crossplane calls {{}}function-cue{{}} to -create an S3 bucket. Crossplane then passes the bucket to +create an S3 bucket. Crossplane then passes the bucket to {{}}function-auto-ready{{}}, which marks the composite resource as ready when the bucket becomes ready. @@ -272,22 +272,22 @@ spec: ### Enable composite resources -A Composition is only a template defining how to create managed +A Composition is only a template defining how to create managed resources. A Composition limits which Composite Resources can use this -template. +template. -A Composition's {{}}compositeTypeRef{{}} -defines which Composite Resource type can use this Composition. +A Composition's {{}}compositeTypeRef{{}} +defines which Composite Resource type can use this Composition. {{}} -Read more about Composite Resources in the -[Composite Resources page]({{}}). +Read more about Composite Resources in the +[Composite Resources page]({{}}). {{< /hint >}} -Inside a Composition's +Inside a Composition's {{}}spec{{}} -define the Composite Resource -{{}}apiVersion{{}} and +define the Composite Resource +{{}}apiVersion{{}} and {{}}kind{{}} that the Composition allows to use this template. @@ -306,26 +306,26 @@ spec: ### Store connection details Some managed resources generate unique details like usernames, passwords, IP -addresses, ports or other connection details. +addresses, ports or other connection details. When resources inside a Composition create connection details Crossplane creates a Kubernetes secret object for each managed resource generating connection -details. +details. {{}} -This section discusses creating Kubernetes secrets. +This section discusses creating Kubernetes secrets. Crossplane also supports using external secret stores like -[HashiCorp Vault](https://www.vaultproject.io/). +[HashiCorp Vault](https://www.vaultproject.io/). Read the [external secrets store guide]({{}}) for more information on using Crossplane -with an external secret store. +with an external secret store. {{}} #### Composite resource combined secret Crossplane can combine all the secrets generated by the resources inside a Composition into a single Kubernetes secret and optionally copy the secret -object for claims. +object for claims. Set the value of `writeConnectionSecretsToNamespace` to the namespace where Crossplane should store the combined secret object. @@ -344,7 +344,7 @@ spec: Inside the `spec` of each resource producing connection details, define the `writeConnectionSecretToRef`, with a `namespace` and `name` of the secret object -for the resource. +for the resource. If a `writeConnectionSecretToRef` isn't defined, Crossplane doesn't write any keys to the secret. @@ -389,10 +389,10 @@ Remember to create a unique name for each secret. #### External secret stores -Crossplane -[External Secret Stores]({{}}) +Crossplane +[External Secret Stores]({{}}) write secrets and connection details to external secret stores like HashiCorp -Vault. +Vault. {{}} External Secret Stores are an alpha feature. @@ -403,7 +403,7 @@ Stores by default. Use `publishConnectionDetailsWithStoreConfigRef` in place of `writeConnectionSecretsToNamespace` to define the `StoreConfig` to save -connection details to. +connection details to. For example, using a `StoreConfig` with the `name` "vault," use `publishConnectionDetailsWithStoreConfigRef.name` matching the @@ -421,13 +421,13 @@ apiVersion: apiextensions.crossplane.io/v1 kind: Composition # Removed for Brevity spec: - publishConnectionDetailsWithStoreConfigRef: + publishConnectionDetailsWithStoreConfigRef: name: vault # Removed for brevity ``` For more details read the -[External Secret Stores]({{}}) +[External Secret Stores]({{}}) integration guide. ## Test a composition @@ -451,7 +451,7 @@ Running `crossplane render` requires [Docker](https://www.docker.com). {{< /hint >}} Provide a composite resource, composition and composition functions to render -the output locally. +the output locally. ```shell crossplane render xr.yaml composition.yaml functions.yaml @@ -616,18 +616,18 @@ xsqlinstances.aws.platformref.upbound.io XSQLInstance aws.platformref.upboun ``` The `XR-KIND` lists the Composite Resource `kind` that's allowed to use the -Composition template. +Composition template. The `XR-APIVERSION` lists the Composite Resource API versions allowed to use the -Composition template. +Composition template. {{}} The output of `kubectl get composition` is different than `kubectl get -composite`. +composite`. `kubectl get composition` lists all available Compositions. `kubectl get composite` lists all created Composite Resources and their related -Composition. +Composition. {{< /hint >}} ## Composition validation @@ -657,18 +657,18 @@ If using `mode: Pipeline` (Composition Functions): ### Composition schema aware validation Crossplane also performs schema aware -validation of Compositions. Schema validation checks that `patches`, -`readinessChecks` and `connectionDetails` are valid according to the resource -schemas. For example, checking that the source and destination fields of a patch +validation of Compositions. Schema validation checks that `patches`, +`readinessChecks` and `connectionDetails` are valid according to the resource +schemas. For example, checking that the source and destination fields of a patch are valid according to the source and destination resource schema. {{}} Composition schema aware validation is a beta feature. Crossplane enables -beta features by default. +beta features by default. Disable schema aware validation by setting the `--enable-composition-webhook-schema-validation=false` flag on the Crossplane -pod. +pod. The [Crossplane Pods]({{}}) page has more information on enabling Crossplane flags. @@ -698,12 +698,12 @@ The following modes are available: {{< /table >}} Change the validation mode for a Composition with the -{{}}crossplane.io/composition-schema-aware-validation-mode{{}} +{{}}crossplane.io/composition-schema-aware-validation-mode{{}} annotation. If not specified, the default mode is `warn`. -For example, to enable `loose` mode checking set the annotation value to +For example, to enable `loose` mode checking set the annotation value to {{}}loose{{}}. ```yaml {copy-lines="none",label="mode"} @@ -827,7 +827,7 @@ Crossplane errors if stability isn't reached after 5 iterations. A _composed_ resource is a resource created by a composite resource. Composed resources are usually Crossplane managed resources (MRs), but they can be any kind of Crossplane resource. For example a composite resource could also create -a ProviderConfig, or another kind of composite resource. +a ProviderConfig, or another kind of composite resource. {{}} @@ -986,4 +986,4 @@ context. Crossplane can write context too. If you enable the alpha [composition environment]({{}}) feature Crossplane writes the environment to the top-level context field -`apiextensions.crossplane.io/environment`. \ No newline at end of file +`apiextensions.crossplane.io/environment`. diff --git a/content/v1.17/concepts/connection-details.md b/content/v1.20/concepts/connection-details.md similarity index 100% rename from content/v1.17/concepts/connection-details.md rename to content/v1.20/concepts/connection-details.md diff --git a/content/v1.20/concepts/environment-configs.md b/content/v1.20/concepts/environment-configs.md new file mode 100644 index 00000000..f19be32a --- /dev/null +++ b/content/v1.20/concepts/environment-configs.md @@ -0,0 +1,500 @@ +--- +title: Environment Configurations +weight: 75 +state: beta +alphaVersion: "1.11" +betaVersion: "1.18" +description: "Environment Configurations or EnvironmentConfigs are an in-memory datastore used in Compositions" +--- + + + + +A Crossplane EnvironmentConfig is a cluster-scoped, strongly typed, +[ConfigMap](https://kubernetes.io/docs/concepts/configuration/configmap/)-like +resource used by Compositions. Compositions can use the environment to store +information from individual resources or to apply patches. + +Crossplane supports multiple `EnvironmentConfigs`, each acting as a unique +data store. + +When Crossplane creates a composite resource, Crossplane merges all the +EnvironmentConfigs referenced in the associated Composition and creates a unique +in-memory environment for that composite resource. + +The composite resource can read and write data to their unique +in-memory environment. + +{{}} +The in-memory environment is unique to each composite resource. +A composite resource can't read data in another composite resource's +environment. +{{< /hint >}} + + +## Create an EnvironmentConfig + + +An {{}}EnvironmentConfig{{}} has a single +object field, +{{}}data{{}}. + +An EnvironmentConfig supports any data inside the +{{}}data{{}} field. + +Here an example +{{}}EnvironmentConfig{{}}. + +```yaml {label="env1"} +apiVersion: apiextensions.crossplane.io/v1beta1 +kind: EnvironmentConfig +metadata: + name: example-environment +data: + locations: + us: us-east-2 + eu: eu-north-1 + key1: value1 + key2: value2 + key3: + - item1 + - item2 +``` + +## Access EnvironmentConfigs + +`EnvironmentConfigs` can be accessed by [Composition Functions] supporting +[extra-resources], for example [function-environment-configs] or +[function-go-templating]. + +## Migration from Alpha Composition Environment + +Crossplane (`<=v1.17`) natively supported selecting `EnvironmentConfigs`, +merging them into an `in-memory environment` and patching between that, +composed and composite resources. From `v1.18`, this native capability has been +removed, in favor of [Composition Functions]. + +Users that enabled Alpha Composition Environments +(`--enable-environment-configs`) and leveraged the native functionality +(`spec.environment.patches`, `spec.environment.environmentConfigs` and +`*Environment` patches), will have to migrate to Composition Functions to +continue doing so. + +Automated migration to `Pipeline` mode is available through `crossplane beta +convert pipeline-composition`, which will move a composition using `Resource` +mode, to [function-patch-and-transform] and, if needed, +[function-environment-configs]. + +See the documentation of [function-environment-configs] for more details about manual +migration. + + +## Select an EnvironmentConfig using function-environment-configs + + +Select the EnvironmentConfigs to use through [function-environment-configs]'s `Input`. + +The `environmentConfigs` field is a list of `EnvironmentConfigs` we want +retrieved, merged and passed to the next step in the pipeline through the +[Context] at a well known key, `apiextensions.crossplane.io/environment`. + +Select an environment by `Reference` or by `Selector`: + +* A `Reference` selects an `EnvironmentConfig` by name. +* The `Selector` selects an `EnvironmentConfig` by labels. + +```yaml {label="comp",copy-lines="none"} +apiVersion: apiextensions.crossplane.io/v1 +kind: Composition +metadata: + name: example-composition +spec: + mode: Pipeline + pipeline: + - step: environmentConfigs + functionRef: + name: function-environment-configs + input: + apiVersion: environmentconfigs.fn.crossplane.io/v1beta1 + kind: Input + spec: + environmentConfigs: + - type: Reference + ref: + name: example-environment + - type: Selector + selector: + matchLabels: + # Removed for brevity + # the environment will be passed to the next function in the pipeline + # as part of the context + +# Next step consuming the merged environment removed for brevity... +``` + +If a Composition uses multiple `EnvironmentConfigs`, +[function-environment-configs] merges them together in the order they're +listed. + +### Select by name + +Select an `EnvironmentConfig` by name with `type: Reference`. + +Define `ref.name` to match the exact name of the environment. + + +For example, select the `EnvironmentConfig` named `example-environment`: + +```yaml {label="byName",copy-lines="all"} +apiVersion: apiextensions.crossplane.io/v1 +kind: Composition +metadata: + name: example-composition +spec: + mode: Pipeline + pipeline: + - step: environmentConfigs + functionRef: + name: function-environment-configs + input: + apiVersion: environmentconfigs.fn.crossplane.io/v1beta1 + kind: Input + spec: + environmentConfigs: + - type: Reference + ref: + name: example-environment +``` + +### Select by label + +Select an `EnvironmentConfig` by labels with a `type: Selector`. + +Define `selector.matchLabels` to a list of selectors either of type `Value`, or `FromCompositeFieldPath`. + +When matching the label's value, provide an exact value with a +`type: Value` and provide the value to match in the `value` field. + +[function-environment-configs] can also match a label's value based on an input +in the composite resource. Use `type: FromCompositeFieldPath` and provide the +field to match in the `valueFromFieldPath` field. + +```yaml {label="byLabel",copy-lines="all"} +apiVersion: apiextensions.crossplane.io/v1 +kind: Composition +metadata: + name: example-composition +spec: + mode: Pipeline + pipeline: + - step: environmentConfigs + functionRef: + name: function-environment-configs + input: + apiVersion: environmentconfigs.fn.crossplane.io/v1beta1 + kind: Input + spec: + environmentConfigs: + - type: Selector + selector: + matchLabels: + - key: my-label-key + type: Value + value: my-label-value + - key: my-label-key + type: FromCompositeFieldPath + valueFromFieldPath: spec.parameters.deploy + # Removed for brevity +``` + +#### Manage selector results + +Selecting environments by labels may return more than one environment. +[function-environment-configs], by default, sorts all the results by name and +only uses the first environment in the sorted list. + +Set the `selector.mode` to `Multiple` to return all matched EnvironmentConfigs. +Use `mode: Single` to return a single environment, and error out if more than +one match is found. + +Sorting and the selection mode only applies to a single `Selector`. + +```yaml {label="selectResults"} +apiVersion: apiextensions.crossplane.io/v1 +kind: Composition +metadata: + name: example-composition +spec: + mode: Pipeline + pipeline: + - step: environmentConfigs + functionRef: + name: function-environment-configs + input: + apiVersion: environmentconfigs.fn.crossplane.io/v1beta1 + kind: Input + spec: + environmentConfigs: + - type: Selector + selector: + mode: Multiple + matchLabels: + - key: my-label-key + type: Value + value: my-label-value + - key: my-label-key + type: FromCompositeFieldPath + valueFromFieldPath: spec.parameters.deploy + - type: Selector + selector: + mode: Single + matchLabels: + - key: my-other-label-key + type: Value + value: my-other-label-value + - key: my-other-label-key + type: FromCompositeFieldPath + valueFromFieldPath: spec.parameters.deploy +``` + +When using `mode: Multiple` limit the number of returned `EnvironmentConfigs` +with `maxMatch` and define the maximum number to select. + +Use `minMatch` and define the minimum number of environments returned. + +The Function sorts the returned environments alphabetically by name by default. +Sort the environments on a different field with `sortByFieldPath` and define +the field to sort by. + + +```yaml {label="maxMatch"} +apiVersion: apiextensions.crossplane.io/v1 +kind: Composition +metadata: + name: example-composition +spec: + mode: Pipeline + pipeline: + - step: environmentConfigs + functionRef: + name: function-environment-configs + input: + apiVersion: environmentconfigs.fn.crossplane.io/v1beta1 + kind: Input + spec: + environmentConfigs: + - type: Selector + selector: + mode: Multiple + maxMatch: 4 + sortByFieldPath: metadata.annotations[sort.by/weight] + matchLabels: + - key: my-label-key + type: Value + value: my-label-value + - key: my-label-key + type: FromCompositeFieldPath + valueFromFieldPath: spec.parameters.deploy +``` + +The EnvironmentConfigs selected by `matchLabels` are then merged with all the +other ones specified. + +#### Optional selector labels +By default, Crossplane issues an error if the specified `valueFromFieldPath` +field doesn't exist in the composite resource. + +Set `fromFieldPathPolicy` to `Optional` to ignore a field if it doesn't exist. + +```yaml {label="byLabelOptional",copy-lines="all"} +apiVersion: apiextensions.crossplane.io/v1 +kind: Composition +metadata: + name: example-composition +spec: + mode: Pipeline + pipeline: + - step: environmentConfigs + functionRef: + name: function-environment-configs + input: + apiVersion: environmentconfigs.fn.crossplane.io/v1beta1 + kind: Input + spec: + environmentConfigs: + - type: Selector + selector: + mode: Multiple + maxMatch: 4 + sortByFieldPath: metadata.annotations[sort.by/weight] + matchLabels: + - key: my-label-key + type: Value + value: my-label-value + - key: my-label-key + type: FromCompositeFieldPath + valueFromFieldPath: spec.parameters.deploy + fromFieldPathPolicy: Optional + # Removed for brevity +``` + + +Set a default value for an optional label by setting the default `value` for +the `key` first using a `Value` selector, then define the `Optional` +`FromCompositeFieldPath` one. + +For example, the Composition below defines `value: my-default-value` for the key +`my-second-label-key`. If the Composite resource defines +`spec.parameters.deploy`, [function-environment-configs] will use that instead. + +```yaml {label="byLabelOptionalDefault",copy-lines="all"} +apiVersion: apiextensions.crossplane.io/v1 +kind: Composition +metadata: + name: example-composition +spec: + mode: Pipeline + pipeline: + - step: environmentConfigs + functionRef: + name: function-environment-configs + input: + apiVersion: environmentconfigs.fn.crossplane.io/v1beta1 + kind: Input + spec: + environmentConfigs: + - type: Selector + selector: + matchLabels: + - key: my-first-label-key + type: Value + value: my-label-value + - key: my-second-label-key + type: Value + value: my-default-value + - key: my-second-label-key + type: FromCompositeFieldPath + valueFromFieldPath: spec.parameters.deploy + fromFieldPathPolicy: Optional + # Removed for brevity +``` + +{{}} +[function-environment-configs](https://github.com/crossplane-contrib/function-environment-configs) +applies values in order. The value of the last key defined always takes precedence. + +Defining the default value _after_ the label always overwrites the label +value. +{{< /hint >}} + +## Patching with EnvironmentConfigs using function-patch-and-transform + +`EnvironmentConfigs` selected as explained above, are then merged in an +`in-memory environment` by [function-environment-configs] and passed to the +next function in the pipeline at a well known key, +`apiextensions.crossplane.io/environment`. + +[function-patch-and-transform] can be used to read or write data between the in-memory environment and +composite resource or individual composed resources. + +{{}} +The Patch and Transform function can use the environment to patch composed +resources. Read about EnvironmentConfig patch types in the +[Patch and Transform function documentation]({{}}). +{{< /hint >}} + +### Patch between Composite resource and environment + +To patch between Composite resource and environment define patches at +`spec.environment.patches` in the `Resources` input of [function-patch-and-transform]. + +Use the `ToCompositeFieldPath` patch type to copy data from the in-memory +environment to the Composite resource. Use the `FromCompositeFieldPath` to +copy data from the Composite resource to the in-memory environment. + +```yaml {label="xrpatch",copy-lines="none"} +apiVersion: apiextensions.crossplane.io/v1 +kind: Composition +metadata: + name: example-composition +spec: + mode: Pipeline + pipeline: + # Removed for Brevity + - step: patch-and-transform + functionRef: + name: function-patch-and-transform + input: + apiVersion: pt.fn.crossplane.io/v1beta1 + kind: Resources + environment: + patches: + - type: ToCompositeFieldPath + fromFieldPath: tags + toFieldPath: metadata.labels[envTag] + - type: FromCompositeFieldPath + fromFieldPath: metadata.name + toFieldPath: newEnvironmentKey +# Removed for Brevity +``` + +Individual resources can use any data written to the in-memory environment. + +`CombineFromComposite` and `CombineToComposite` can be used to combine multiple +values and write the result either to the in-memory environment or the +Composite resource, respectively. + +### Patch an individual resource + +To patch between individual resources and the in-memory environment, inside the +patches of the resource, use `ToEnvironmentFieldPath` to copy data from the +resource to the in-memory environment. Use `FromEnvironmentFieldPath` to copy +data to the resource from the in-memory environment. + +```yaml {label="envpatch",copy-lines="none"} +apiVersion: apiextensions.crossplane.io/v1 +kind: Composition +metadata: + name: example-composition +spec: + mode: Pipeline + pipeline: + # Removed for Brevity + - step: patch-and-transform + functionRef: + name: function-patch-and-transform + input: + apiVersion: pt.fn.crossplane.io/v1beta1 + kind: Resources + # Removed for Brevity + resources: + - name: vpc + base: + apiVersion: ec2.aws.upbound.io/v1beta1 + kind: VPC + spec: + forProvider: + cidrBlock: 172.16.0.0/16 + patches: + - type: ToEnvironmentFieldPath + fromFieldPath: status.atProvider.id + toFieldPath: vpcId + - type: FromEnvironmentFieldPath + fromFieldPath: tags + toFieldPath: spec.forProvider.tags +``` + + + +{{}} +The [Patch and Transform]({{}}) documentation has more information on patching individual resources. +{{< /hint >}} + +[extra-resources]: {{}} +[function-environment-configs]: https://github.com/crossplane-contrib/function-environment-configs +[function-patch-and-transform]: {{}} +[function-go-templating]: https://github.com/crossplane-contrib/function-go-templating +[Composition Functions]: {{}} +[Context]: {{}} diff --git a/content/v1.20/concepts/image-configs.md b/content/v1.20/concepts/image-configs.md new file mode 100644 index 00000000..dbf4995e --- /dev/null +++ b/content/v1.20/concepts/image-configs.md @@ -0,0 +1,214 @@ +--- +title: Image Configs +weight: 400 +description: "Image Configs is an API for centralized control of the configuration of Crossplane package images." +--- + + + +`ImageConfig` is an API for centralized control over the configuration of +Crossplane package images. It allows you to configure package manager behavior +for images globally, without needing to be referenced by other objects. + +## Configuring a pull secret + +You can use `ImageConfig` to inject a pull secret into the Crossplane package +manager registry client whenever it interacts with the registry, such as for +dependency resolution or image pulls. + +In the following example, the `ImageConfig` resource named `acme-packages` is +configured to inject the pull secret named `acme-registry-credentials` whenever +it needs to interact with the registry for images with the prefix +`registry1.com/acme-co/`. + +```yaml +apiVersion: pkg.crossplane.io/v1beta1 +kind: ImageConfig +metadata: + name: acme-packages +spec: + matchImages: + - type: Prefix + prefix: registry1.com/acme-co/ + registry: + authentication: + pullSecretRef: + name: acme-registry-credentials +``` + +`spec.registry.authentication.pullSecretRef` is a reference to the pull secret +that should be injected into the registry client. The secret must be of type +`kubernetes.io/dockerconfigjson` and must be in the Crossplane installation +namespace, typically `crossplane-system`. One can create the secret using the +following command: + +```shell +kubectl -n crossplane-system create secret docker-registry acme-registry-credentials --docker-server=registry1.com --docker-username= --docker-password= +``` + +### Matching image references + +`spec.matchImages` is a list of image references that the `ImageConfig` applies +to. Each item in the list specifies the type and configuration of the image +reference to match. The only supported type is `Prefix`, which matches the +prefix of the image reference. No wildcards are supported. The `type` defaults +to `Prefix` and can be omitted. + +When there are multiple `ImageConfigs` matching an image reference, the one +with the longest matching prefix is selected. If there are multiple +`ImageConfigs` with the same longest matching prefix, one of them is selected +arbitrarily. Please note that this situation occurs only if there are +overlapping prefixes in the `matchImages` lists of different `ImageConfig` +resources, which should be avoided. + +### Debugging + +When the package manager selects an `ImageConfig` for a package, it throws an +event with the reason `ImageConfigSelection` and the name of the selected +`ImageConfig` and injected pull secret. You can find these events both on the +package and package revision resources. + +For example, the following event indicates that the `ImageConfig` named +`acme-packages` was selected for the configuration named `acme-configuration-foo`: + +```shell +$ kubectl describe configuration acme-configuration-foo +... +Events: + Type Reason Age From Message + ---- ------ ---- ---- ------- + Normal ImageConfigSelection 45s packages/configuration.pkg.crossplane.io Selected pullSecret "acme-registry-credentials" from ImageConfig "acme-packages" for registry authentication +``` + +If you can't find the expected event, ensure the prefix of the image reference +matches the `matchImages` list of any `ImageConfig` resources in the cluster. + +## Configuring signature verification + +{{}} +Signature verification is an alpha feature and needs to be enabled with the +`--enable-signature-verification` feature flag. +{{< /hint >}} + +You can use `ImageConfig` to configure signature verification for images. When +signature verification is enabled, the package manager verifies the signature of +each image before pulling it. If the signature isn't valid, the package manager +rejects the package deployment. + +In the following example, the `ImageConfig` resource named `verify-acme-packages` +is configured to verify the signature of images with the prefixes +`registry1.com/acme-co/configuration-foo` and +`registry1.com/acme-co/configuration-bar`. + +In the example below, the `ImageConfig` resource named `verify-acme-packages` is +set up to verify the signatures of images with the prefixes +`registry1.com/acme-co/configuration-foo` and `registry1.com/acme-co/configuration-bar`. + +```yaml +apiVersion: pkg.crossplane.io/v1beta1 +kind: ImageConfig +metadata: + name: verify-acme-packages +spec: + matchImages: + - type: Prefix + prefix: registry1.com/acme-co/configuration-foo + - type: Prefix + prefix: registry1.com/acme-co/configuration-bar + verification: + provider: Cosign + cosign: + authorities: + - name: verify acme packages + keyless: + identities: + - issuer: https://token.actions.githubusercontent.com + subject: https://github.com/acme-co/crossplane-packages/.github/workflows/supplychain.yml@refs/heads/main + attestations: + - name: verify attestations + predicateType: spdxjson +``` + +`spec.verification.provider` specifies the signature verification provider. +The only supported provider is `Cosign`. `spec.verification.cosign` contains the +configuration for the Cosign provider. The `authorities` field contains the +configuration for the authorities that sign the images. The `attestations` field +contains the configuration for verifying the attestations of the images. + +The `ImageConfig` API follows the same API shape as [Policy Controller](https://docs.sigstore.dev/policy-controller/overview/) +from [Sigstore](https://docs.sigstore.dev/). Crossplane initially supports a +subset of the Policy Controller configuration options which can be found in the +[API reference](https://docs.crossplane.io/master/api/#ImageConfig-spec-verification-cosign) +for the `ImageConfig` resource together with their descriptions. + +When multiple authorities are provided, the package manager verifies the +signature against each authority until it finds a valid one. If any of the +authorities' signatures are valid, the package manager accepts the image. +Similarly, when multiple identities or attestations are provided, the package +manager verifies until it finds a valid match and fails if none of them matches. + +Matching the image reference to the `ImageConfig` works similarly to the pull +secret configuration, as described in the previous section. + +### Checking the signature verification status + +When signature verification is enabled, the respective controller reports the +verification status as a condition of type `Verified` on the package revision +resources. This condition indicates whether the signature verification was +successful, failed, skipped, or incomplete due to an error. + +#### Example conditions + +**Verification skipped:** The package manager skipped signature verification for +the package revision because there were no matching `ImageConfig` with signature +verification configuration. + +```yaml + - lastTransitionTime: "2024-10-23T16:38:51Z" + reason: SignatureVerificationSkipped + status: "True" + type: Verified +``` + +**Verification successful:** The package manager successfully verified the +signature of the image in the package revision. + +```yaml + - lastTransitionTime: "2024-10-23T16:43:05Z" + message: Signature verification succeeded with ImageConfig named "verify-acme-packages" + reason: VerificationSucceeded + status: "True" + type: Verified +``` + +**Verification failed:** The package manager failed to verify the signature of +the image in the package revision. + +```yaml + - lastTransitionTime: "2024-10-23T16:42:44Z" + message: 'Signature verification failed with ImageConfig named "verify-acme-packages": + [signature keyless validation failed for authority verify acme packages + for registry1.com/acme-co/configuration-foo:v0.2.0: no signatures found: ]' + reason: SignatureVerificationFailed + status: "False" + type: Verified +``` + +**Verification incomplete:** The package manager encountered an error while +verifying the signature of the image in the package revision. + +```yaml + - lastTransitionTime: "2024-10-23T16:44:22Z" + message: 'Error occurred during signature verification cannot get image verification + config: cannot get cosign verification config: no data found for key "cosign.pub" + in secret "cosign-public-key"' + reason: SignatureVerificationIncomplete + status: "False" + type: Verified +``` + +If you can't see this condition on the package revision resource, namely +`ProviderRevision`, `ConfigurationRevision`, or `FunctionRevision`, ensure that +the feature is enabled. + + \ No newline at end of file diff --git a/content/v1.17/concepts/managed-resources.md b/content/v1.20/concepts/managed-resources.md similarity index 99% rename from content/v1.17/concepts/managed-resources.md rename to content/v1.20/concepts/managed-resources.md index c8dfa997..1c163ea7 100644 --- a/content/v1.17/concepts/managed-resources.md +++ b/content/v1.20/concepts/managed-resources.md @@ -35,7 +35,7 @@ Provider also define the available settings of a managed resource. Each managed resource is a unique API endpoint with their own group, kind and version. -For example [provider-upjet-aws](https://github.com/crossplane-contrib/provider-upjet-aws) +For example the [AWS Provider](https://github.com/crossplane-contrib/provider-upjet-aws) defines the {{}}Instance{{}} kind from the group {{}}ec2.aws.upbound.io{{}} diff --git a/content/v1.17/concepts/packages.md b/content/v1.20/concepts/packages.md similarity index 72% rename from content/v1.17/concepts/packages.md rename to content/v1.20/concepts/packages.md index f7fae583..498996b7 100644 --- a/content/v1.17/concepts/packages.md +++ b/content/v1.20/concepts/packages.md @@ -5,44 +5,44 @@ altTitle: "Crossplane Packages" weight: 200 --- -A _Configuration_ package is an -[OCI container images](https://opencontainers.org/) containing a collection of -[Compositions]({{}}), +A _Configuration_ package is an +[OCI container image](https://opencontainers.org/) containing a collection of +[Compositions]({{}}), [Composite Resource Definitions]({{}}) -and any required [Providers]({{}}) or +and any required [Providers]({{}}) or [Functions]({{}}). -Configuration packages make your Crossplane configuration fully portable. +Configuration packages make your Crossplane configuration fully portable. {{}} -Crossplane [Providers]({{}}) and -[Functions]({{}}) are also Crossplane packages. +Crossplane [Providers]({{}}) and +[Functions]({{}}) are also Crossplane packages. -This document describes how to install and manage configuration packages. +This document describes how to install and manage configuration packages. -Refer to the -[Provider]({{}}) and +Refer to the +[Provider]({{}}) and [Composition Functions]({{}}) chapters for -details on their usage of packages. +details on their usage of packages. {{< /hint >}} ## Install a Configuration -Install a Configuration with a Crossplane -{{}}Configuration{{}} object by setting +Install a Configuration with a Crossplane +{{}}Configuration{{}} object by setting the {{}}spec.package{{}} value to the location of the configuration package. {{< hint "important" >}} Beginning with Crossplane version 1.20.0 Crossplane uses the [crossplane-contrib](https://github.com/orgs/crossplane-contrib/packages) GitHub Container Registry at `xpkg.crossplane.io` by default for downloading and -installing packages. +installing packages. Specify the full domain name with the `package` or change the default Crossplane registry with the `--registry` flag on the [Crossplane pod]({{}}) {{< /hint >}} -For example to install the -[Getting Started Configuration](https://github.com/crossplane-contrib/configuration-quickstart), +For example to install the +[Getting Started Configuration](https://github.com/crossplane-contrib/configuration-quickstart), ```yaml {label="install"} apiVersion: pkg.crossplane.io/v1 @@ -53,8 +53,22 @@ spec: package: xpkg.crossplane.io/crossplane-contrib/configuration-quickstart:v0.1.0 ``` +{{}} +Crossplane supports installations with image digests instead of tags to get deterministic +and repeatable installations. + +```yaml {label="digest"} +apiVersion: pkg.crossplane.io/v1 +kind: Configuration +metadata: + name: configuration-quickstart +spec: + package: xpkg.crossplane.io/crossplane-contrib/configuration-quickstart@sha256:ef9795d146190637351a5c5848e0bab5e0c190fec7780f6c426fbffa0cb68358 +``` +{{< /hint >}} + Crossplane installs the Compositions, Composite Resource Definitions and -Providers listed in the Configuration. +Providers listed in the Configuration. ### Install with Helm @@ -65,7 +79,7 @@ Use the {{}}--set configuration.packages{{}} argument with `helm install`. -For example, to install the Getting Started Configuration, +For example, to install the Getting Started configuration, ```shell {label="helm"} helm install crossplane \ @@ -77,9 +91,9 @@ crossplane-stable/crossplane \ ### Install offline -Installing Crossplane packages offline requires a local container registry like +Installing Crossplane packages offline requires a local container registry, such as [Harbor](https://goharbor.io/) to host the packages. Crossplane only -supports installing packages from a container registry. +supports installing packages from a container registry. Crossplane doesn't support installing packages directly from Kubernetes volumes. @@ -87,15 +101,15 @@ volumes. ### Installation options Configurations support multiple options to change configuration package related -settings. +settings. #### Configuration revisions When installing a newer version of an existing Configuration Crossplane creates -a new configuration revision. +a new configuration revision. -View the configuration revisions with +View the configuration revisions with {{}}kubectl get configurationrevisions{{}}. ```shell {label="rev",copy-lines="1"} @@ -106,20 +120,20 @@ platform-ref-aws-3ac761211893 True 1 xpkg.crossplane.io/crosspla ``` Only a single revision is active at a time. The active revision determines the -available resources, including Compositions and Composite Resource Definitions. +available resources, including Compositions and Composite Resource Definitions. By default Crossplane keeps only a single _Inactive_ revision. -Change the number of revisions Crossplane maintains with a Configuration package -{{}}revisionHistoryLimit{{}}. +Change the number of revisions Crossplane maintains with a Configuration package +{{}}revisionHistoryLimit{{}}. The {{}}revisionHistoryLimit{{}} -field is an integer. -The default value is `1`. -Disable storing revisions by setting +field is an integer. +The default value is `1`. +Disable storing revisions by setting {{}}revisionHistoryLimit{{}} to `0`. -For example, to change the default setting and store 10 revisions use +For example, to change the default setting and store 10 revisions use {{}}revisionHistoryLimit: 10{{}}. ```yaml {label="revHistory"} @@ -138,26 +152,26 @@ Use a {{}}packagePullPolicy{{}} to define when Crossplane should download the Configuration package to the local Crossplane package cache. -The `packagePullPolicy` options are: +The `packagePullPolicy` options are: * `IfNotPresent` - (**default**) Only download the package if it isn't in the cache. * `Always` - Check for new packages every minute and download any matching package that isn't in the cache. * `Never` - Never download the package. Packages are only installed from the - local package cache. + local package cache. {{}} -The Crossplane +The Crossplane {{}}packagePullPolicy{{}} works -like the Kubernetes container image -[image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy). +like the Kubernetes container image +[image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy). Crossplane supports the use of tags and package digest hashes like -Kubernetes images. +Kubernetes images. {{< /hint >}} -For example, to `Always` download a given Configuration package use the +For example, to `Always` download a given Configuration package use the {{}}packagePullPolicy: Always{{}} -configuration. +configuration. ```yaml {label="pullpolicy",copy-lines="6"} apiVersion: pkg.crossplane.io/v1 @@ -172,20 +186,20 @@ spec: #### Revision activation policy The `Active` package revision -is the package controller actively reconciling resources. +is the package controller actively reconciling resources. -By default Crossplane sets the most recently installed package revision as +By default Crossplane sets the most recently installed package revision as `Active`. Control the Configuration upgrade behavior with a {{}}revisionActivationPolicy{{}}. -The {{}}revisionActivationPolicy{{}} +The {{}}revisionActivationPolicy{{}} options are: * `Automatic` - (**default**) Automatically activate the last installed configuration. -* `Manual` - Don't automatically activate a configuration. +* `Manual` - Don't automatically activate a configuration. -For example, to change the upgrade behavior to require manual upgrades, set +For example, to change the upgrade behavior to require manual upgrades, set {{}}revisionActivationPolicy: Manual{{}}. ```yaml {label="revision"} @@ -201,14 +215,14 @@ spec: #### Install a Configuration from a private registry -Like Kubernetes uses `imagePullSecrets` to -[install images from private registries](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/), -Crossplane uses `packagePullSecrets` to install Configuration packages from a -private registry. +Like Kubernetes uses `imagePullSecrets` to +[install images from private registries](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/), +Crossplane uses `packagePullSecrets` to install Configuration packages from a +private registry. Use {{}}packagePullSecrets{{}} to provide a -Kubernetes secret to use for authentication when downloading a Configuration -package. +Kubernetes secret to use for authentication when downloading a Configuration +package. {{}} The Kubernetes secret must be in the same namespace as Crossplane. @@ -218,7 +232,7 @@ The {{}}packagePullSecrets{{}} is a list of secrets. For example, to use the secret named -{{}}example-secret{{}} configure a +{{}}example-secret{{}} configure a {{}}packagePullSecrets{{}}. ```yaml {label="pps"} @@ -227,7 +241,7 @@ kind: Configuration metadata: name: platform-ref-aws spec: - packagePullSecrets: + packagePullSecrets: - name: example-secret # Removed for brevity ``` @@ -235,19 +249,19 @@ spec: #### Ignore dependencies By default Crossplane installs any [dependencies](#manage-dependencies) listed -in a Configuration package. +in a Configuration package. -Crossplane can ignore a Configuration package's dependencies with +Crossplane can ignore a Configuration package's dependencies with {{}}skipDependencyResolution{{}}. {{< hint "warning" >}} -Most Configurations include dependencies for the required Providers. +Most Configurations include dependencies for the required Providers. -If a Configuration ignores dependencies, the required Providers must be +If a Configuration ignores dependencies, the required Providers must be manually installed. {{< /hint >}} -For example, to disable dependency resolution configure +For example, to disable dependency resolution configure {{}}skipDependencyResolution: true{{}}. ```yaml {label="pkgDep"} @@ -260,17 +274,58 @@ spec: # Removed for brevity ``` +#### Automatically update dependency versions + +Crossplane can automatically upgrade a package's dependency version to the minimum +valid version that satisfies all the constraints. It's an alpha feature that +requires enabling with the `--enable-dependency-version-upgrades` flag. + +In some cases, dependency version downgrade is required for proceeding with +installations. Suppose configuration A, which depends on package X with the +constraint`>=v0.0.0`, is installed on the control plane. In this case, the package +manager installs the latest version of package X, such as `v3.0.0`. Later, you decide +to install configuration B, which depends on package X with the constraint `<=v2.0.0`. +Since version `v2.0.0` satisfies both conditions, package X must be downgraded to +allow the installation of configuration B which is disabled by default. + +Automatic dependency version downgrades is also an alpha feature that can be +enabled with the `--enable-dependency-version-downgrades` flag. Downgrading a +package can cause unexpected behavior, therefore, this option is disabled by +default. After enabling this option, the package manager will automatically +downgrade a package's dependency version to the maximum valid version that +satisfies the constraints. + +{{}} +This configuration requires the `--enable-dependency-version-upgrades` flag. +Please check the +[configuration options]({{}}) +and +[feature flags]({{}}) +are available in the +[Crossplane Install]({{}}) +section for more details. +{{}} + +{{}} +Enabling automatic dependency downgrades may have unintended consequences, such as: + +1) CRDs missing in the downgraded version, possibly leaving orphaned MRs without +controllers to reconcile them. +2) Loss of data if downgraded CRD versions omit fields that were set before. +3) Changes in the CRD storage version, which may prevent package version update. +{{}} + #### Ignore Crossplane version requirements -A Configuration package may require a specific or minimum Crossplane version -before installing. By default, Crossplane doesn't install a Configuration if -the Crossplane version doesn't meet the required version. +A Configuration package may require a specific or minimum Crossplane version +before installing. By default, Crossplane doesn't install a Configuration if +the Crossplane version doesn't meet the required version. -Crossplane can ignore the required version with +Crossplane can ignore the required version with {{}}ignoreCrossplaneConstraints{{}}. For example, to install a Configuration package into an unsupported Crossplane -version, configure +version, configure {{}}ignoreCrossplaneConstraints: true{{}}. ```yaml {label="xpVer"} @@ -286,7 +341,7 @@ spec: ### Verify a Configuration -Verify a Configuration with +Verify a Configuration with {{}}kubectl get configuration{{}}. A working configuration reports `Installed` and `Healthy` as `True`. @@ -300,10 +355,10 @@ platform-ref-aws True True xpkg.crossplane.io/crossplane-contrib/c ### Manage dependencies Configuration packages may include dependencies on other packages including -Functions, Providers or other Configurations. +Functions, Providers or other Configurations. If Crossplane can't meet the dependencies of a Configuration the Configuration -reports `HEALTHY` as `False`. +reports `HEALTHY` as `False`. For example, this installation of the Getting Started Configuration is `HEALTHY: False`. @@ -314,7 +369,7 @@ NAME INSTALLED HEALTHY PACKAGE platform-ref-aws True False xpkg.crossplane.io/crossplane-contrib/configuration-quickstart:v0.1.0 71s ``` -To see more information on why the Configuration isn't `HEALTHY` use +To see more information on why the Configuration isn't `HEALTHY` use {{}}kubectl describe configurationrevisions{{}}. ```yaml {copy-lines="1",label="depend"} @@ -338,67 +393,67 @@ Status: Events: Type Reason Age From Message ---- ------ ---- ---- ------- - Warning LintPackage 29s (x2 over 29s) packages/configurationrevision.pkg.crossplane.io incompatible Crossplane version: package is not compatible with Crossplane version (v1.12.0) + Warning LintPackage 29s (x2 over 29s) packages/configurationrevision.pkg.crossplane.io incompatible Crossplane version: package isn't compatible with Crossplane version (v1.12.0) ``` -The {{}}Events{{}} show a +The {{}}Events{{}} show a {{}}Warning{{}} with a message that the -current version of Crossplane doesn't meet the Configuration package +current version of Crossplane doesn't meet the Configuration package requirements. ## Create a Configuration -Crossplane Configuration packages are +Crossplane Configuration packages are [OCI container images](https://opencontainers.org/) containing one or more YAML -files. +files. {{}} Configuration packages are fully OCI compliant. Any tool that builds OCI images -can build Configuration packages. +can build Configuration packages. It's strongly recommended to use the Crossplane command-line tool to -provide error checking and formatting to Crossplane package builds. +provide error checking and formatting to Crossplane package builds. -Read the -[Crossplane package specification](https://github.com/crossplane/crossplane/blob/main/contributing/specifications/xpkg.md) +Read the +[Crossplane package specification](https://github.com/crossplane/crossplane/blob/main/contributing/specifications/xpkg.md) for package requirements when building packages with third-party tools. {{}} A Configuration package requires a `crossplane.yaml` file and may include -Composition and CompositeResourceDefinition files. +Composition and CompositeResourceDefinition files. ### The crossplane.yaml file To build a Configuration package using the Crossplane CLI, create a file -named -{{}}crossplane.yaml{{}}. -The +named +{{}}crossplane.yaml{{}}. +The {{}}crossplane.yaml{{}} -file defines the requirements and name of the +file defines the requirements and name of the Configuration. {{}} The Crossplane CLI only supports a file named `crossplane.yaml`. {{< /hint >}} -Configuration package uses the +Configuration package uses the {{}}meta.pkg.crossplane.io{{}} Crossplane API group. -Specify any other Configurations, Functions or Providers in the -{{}}dependsOn{{}} list. -Optionally, you can require a specific or minimum package version with the +Specify any other Configurations, Functions or Providers in the +{{}}dependsOn{{}} list. +Optionally, you can require a specific or minimum package version with the {{}}version{{}} option. You can also define a specific or minimum version of Crossplane for this -Configuration with the -{{}}crossplane.version{{}} option. +Configuration with the +{{}}crossplane.version{{}} option. {{}} -Defining the {{}}crossplane{{}} object -or required versions is optional. +Defining the {{}}crossplane{{}} object +or required versions is optional. {{< /hint >}} ```yaml {label="cfgMeta",copy-lines="all"} @@ -409,7 +464,9 @@ metadata: name: test-configuration spec: dependsOn: - - provider: xpkg.crossplane.io/crossplane-contrib/provider-aws + - apiVersion: pkg.crossplane.io/v1 + kind: Provider + package: xpkg.crossplane.io/crossplane-contrib/provider-aws version: ">=v0.36.0" crossplane: version: ">=v1.12.1-0" @@ -417,8 +474,8 @@ spec: ### Build the package -Create the package using the -[Crossplane CLI]({{}}) command +Create the package using the +[Crossplane CLI]({{}}) command `crossplane xpkg build --package-root=`. Where the `` is the directory containing the `crossplane.yaml` file @@ -428,19 +485,19 @@ The CLI recursively searches for `.yml` or `.yaml` files in the directory to include in the package. {{}} -You must ignore any other YAML files with `--ignore=`. +You must ignore any other YAML files with `--ignore=`. For example, `crossplane xpkg build --package-root=test-directory --ignore=".tmp/*"`. -Including YAML files that aren't Compositions or CompositeResourceDefinitions, +Including YAML files that aren't Compositions or CompositeResourceDefinitions, including Claims isn't supported. {{}} -By default, Crossplane creates an `.xpkg` file of the Configuration name and +By default, Crossplane creates a `.xpkg` file of the Configuration name and a SHA-256 hash of the package contents. For example, a {{}}Configuration{{}} -named {{}}test-configuration{{}}. +named {{}}test-configuration{{}}. The Crossplane CLI builds a package named `test-configuration-e8c244f6bf21.xpkg`. diff --git a/content/v1.17/concepts/pods.md b/content/v1.20/concepts/pods.md similarity index 100% rename from content/v1.17/concepts/pods.md rename to content/v1.20/concepts/pods.md diff --git a/content/v1.17/concepts/providers.md b/content/v1.20/concepts/providers.md similarity index 88% rename from content/v1.17/concepts/providers.md rename to content/v1.20/concepts/providers.md index 30c8288d..0c7f668e 100644 --- a/content/v1.17/concepts/providers.md +++ b/content/v1.20/concepts/providers.md @@ -24,7 +24,7 @@ Examples of providers include: Providers define every external resource they can create in Kubernetes as a -Kubernetes API endpoint. +Kubernetes API endpoint. These endpoints are [_Managed Resources_]({{}}). @@ -32,10 +32,10 @@ These endpoints are ## Install a Provider -Installing a provider creates new Kubernetes resources representing the -Provider's APIs. Installing a provider also creates a Provider pod that's -responsible for reconciling the Provider's APIs into the Kubernetes cluster. -Providers constantly watch the state of the desired managed resources and create +Installing a provider creates new Kubernetes resources representing the +Provider's APIs. Installing a provider also creates a Provider pod that's +responsible for reconciling the Provider's APIs into the Kubernetes cluster. +Providers constantly watch the state of the desired managed resources and create any external resources that are missing. Install a Provider with a Crossplane @@ -45,7 +45,7 @@ location of the provider package. {{< hint "important" >}} Beginning with Crossplane version 1.20.0 Crossplane uses the [crossplane-contrib](https://github.com/orgs/crossplane-contrib/packages) GitHub Container Registry at `xpkg.crossplane.io` by default for downloading and -installing packages. +installing packages. Specify the full domain name with the `package` or change the default Crossplane registry with the `--registry` flag on the [Crossplane pod]({{}}) @@ -67,19 +67,19 @@ By default, the Provider pod installs in the same namespace as Crossplane (`crossplane-system`). {{}} -Providers are part of the -{{}}pkg.crossplane.io{{}} group. +Providers are part of the +{{}}pkg.crossplane.io{{}} group. The {{}}meta.pkg.crossplane.io{{}} -group is for creating Provider packages. +group is for creating Provider packages. Instructions on building Providers are outside of the scope of this -document. -Read the Crossplane contributing +document. +Read the Crossplane contributing [Provider Development Guide](https://github.com/crossplane/crossplane/blob/main/contributing/guide-provider-development.md) for more information. -For information on the specification of Provider packages read the +For information on the specification of Provider packages read the [Crossplane Provider Package specification](https://github.com/crossplane/crossplane/blob/main/contributing/specifications/xpkg.md#provider-package-requirements). ```yaml {label="meta-pkg"} @@ -113,9 +113,9 @@ crossplane-stable/crossplane \ ### Install offline -Installing Crossplane Providers offline requires a local container registry like +Installing Crossplane Providers offline requires a local container registry like [Harbor](https://goharbor.io/) to host Provider packages. Crossplane only -supports installing Provider packages from a container registry. +supports installing Provider packages from a container registry. Crossplane doesn't support installing Provider packages directly from Kubernetes volumes. @@ -123,7 +123,21 @@ volumes. ### Installation options Providers support multiple configuration options to change installation related -settings. +settings. + +{{}} +Crossplane supports installations with image digests instead of tags to get deterministic +and repeatable installations. + +```yaml {label="digest"} +apiVersion: pkg.crossplane.io/v1 +kind: Provider +metadata: + name: provider-aws +spec: + package: xpkg.crossplane.io/crossplane-contrib/provider-aws@sha256:ee6bece46dbb54cc3f0233961f5baac317fa4e4a81b41198bdc72fc472d113d0 +``` +{{< /hint >}} #### Provider pull policy @@ -131,26 +145,26 @@ Use a {{}}packagePullPolicy{{}} to define when Crossplane should download the Provider package to the local Crossplane package cache. -The `packagePullPolicy` options are: +The `packagePullPolicy` options are: * `IfNotPresent` - (**default**) Only download the package if it isn't in the cache. * `Always` - Check for new packages every minute and download any matching package that isn't in the cache. * `Never` - Never download the package. Packages are only installed from the - local package cache. + local package cache. {{}} -The Crossplane +The Crossplane {{}}packagePullPolicy{{}} works -like the Kubernetes container image -[image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy). +like the Kubernetes container image +[image pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy). Crossplane supports the use of tags and package digest hashes like -Kubernetes images. +Kubernetes images. {{< /hint >}} -For example, to `Always` download a given Provider package use the +For example, to `Always` download a given Provider package use the {{}}packagePullPolicy: Always{{}} -configuration. +configuration. ```yaml {label="pullpolicy",copy-lines="6"} apiVersion: pkg.crossplane.io/v1 @@ -165,20 +179,20 @@ spec: #### Revision activation policy The `Active` package revision -is the package controller actively reconciling resources. +is the package controller actively reconciling resources. -By default Crossplane sets the most recently installed package revision as +By default Crossplane sets the most recently installed package revision as `Active`. Control the Provider upgrade behavior with a {{}}revisionActivationPolicy{{}}. -The {{}}revisionActivationPolicy{{}} +The {{}}revisionActivationPolicy{{}} options are: * `Automatic` - (**default**) Automatically activate the last installed Provider. * `Manual` - Don't automatically activate a Provider. -For example, to change the upgrade behavior to require manual upgrades, set +For example, to change the upgrade behavior to require manual upgrades, set {{}}revisionActivationPolicy: Manual{{}}. ```yaml {label="revision"} @@ -193,26 +207,26 @@ spec: #### Package revision history limit -When Crossplane installs a different version of the same Provider package -Crossplane creates a new _revision_. +When Crossplane installs a different version of the same Provider package +Crossplane creates a new _revision_. -By default Crossplane maintains one _Inactive_ revision. +By default Crossplane maintains one _Inactive_ revision. {{}} Read the [Provider upgrade](#upgrade-a-provider) section for more information on the use of package revisions. {{< /hint >}} -Change the number of revisions Crossplane maintains with a Provider Package -{{}}revisionHistoryLimit{{}}. +Change the number of revisions Crossplane maintains with a Provider Package +{{}}revisionHistoryLimit{{}}. The {{}}revisionHistoryLimit{{}} -field is an integer. -The default value is `1`. -Disable storing revisions by setting +field is an integer. +The default value is `1`. +Disable storing revisions by setting {{}}revisionHistoryLimit{{}} to `0`. -For example, to change the default setting and store 10 revisions use +For example, to change the default setting and store 10 revisions use {{}}revisionHistoryLimit: 10{{}}. ```yaml {label="revHistoryLimit"} @@ -227,13 +241,13 @@ spec: #### Install a provider from a private registry -Like Kubernetes uses `imagePullSecrets` to -[install images from private registries](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/), +Like Kubernetes uses `imagePullSecrets` to +[install images from private registries](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/), Crossplane uses `packagePullSecrets` to install Provider packages from a private -registry. +registry. Use {{}}packagePullSecrets{{}} to provide a -Kubernetes secret to use for authentication when downloading a Provider package. +Kubernetes secret to use for authentication when downloading a Provider package. {{}} The Kubernetes secret must be in the same namespace as Crossplane. @@ -243,7 +257,7 @@ The {{}}packagePullSecrets{{}} is a list of secrets. For example, to use the secret named -{{}}example-secret{{}} configure a +{{}}example-secret{{}} configure a {{}}packagePullSecrets{{}}. ```yaml {label="pps"} @@ -252,25 +266,25 @@ kind: Provider metadata: name: provider-aws spec: - packagePullSecrets: + packagePullSecrets: - name: example-secret # Removed for brevity ``` {{}} Configured `packagePullSecrets` aren't passed to any Provider package -dependencies. +dependencies. {{< /hint >}} #### Ignore dependencies By default Crossplane installs any [dependencies](#manage-dependencies) listed -in a Provider package. +in a Provider package. -Crossplane can ignore a Provider package's dependencies with +Crossplane can ignore a Provider package's dependencies with {{}}skipDependencyResolution{{}}. -For example, to disable dependency resolution configure +For example, to disable dependency resolution configure {{}}skipDependencyResolution: true{{}}. ```yaml {label="pkgDep"} @@ -283,17 +297,58 @@ spec: # Removed for brevity ``` +#### Automatically update dependency versions + +Crossplane can automatically upgrade a package's dependency version to the minimum +valid version that satisfies all the constraints. It's an alpha feature that +requires enabling with the `--enable-dependency-version-upgrades` flag. + +In some cases, dependency version downgrade is required for proceeding with +installations. Suppose configuration A, which depends on package X with the +constraint`>=v0.0.0`, is installed on the control plane. In this case, the package +manager installs the latest version of package X, such as `v3.0.0`. Later, you decide +to install configuration B, which depends on package X with the constraint `<=v2.0.0`. +Since version `v2.0.0` satisfies both conditions, package X must be downgraded to +allow the installation of configuration B which is disabled by default. + +Automatic dependency version downgrades is also an alpha feature that can be +enabled with the `--enable-dependency-version-downgrades` flag. Downgrading a +package can cause unexpected behavior, therefore, this option is disabled by +default. After enabling this option, the package manager will automatically +downgrade a package's dependency version to the maximum valid version that +satisfies the constraints. + +{{}} +This configuration requires the `--enable-dependency-version-upgrades` flag. +Please check the +[configuration options]({{}}) +and +[feature flags]({{}}) +are available in the +[Crossplane Install]({{}}) +section for more details. +{{}} + +{{}} +Enabling automatic dependency downgrades may have unintended consequences, such as: + +1) CRDs missing in the downgraded version, possibly leaving orphaned MRs without +controllers to reconcile them. +2) Loss of data if downgraded CRD versions omit fields that were set before. +3) Changes in the CRD storage version, which may prevent package version update. +{{}} + #### Ignore Crossplane version requirements A Provider package may require a specific or minimum Crossplane version before installing. By default, Crossplane doesn't install a Provider if the Crossplane -version doesn't meet the required version. +version doesn't meet the required version. -Crossplane can ignore the required version with +Crossplane can ignore the required version with {{}}ignoreCrossplaneConstraints{{}}. For example, to install a Provider package into an unsupported Crossplane -version, configure +version, configure {{}}ignoreCrossplaneConstraints: true{{}}. ```yaml {label="xpVer"} @@ -309,10 +364,10 @@ spec: ### Manage dependencies Providers packages may include dependencies on other packages including -Configurations or other Providers. +Configurations or other Providers. If Crossplane can't meet the dependencies of a Provider package the Provider -reports `HEALTHY` as `False`. +reports `HEALTHY` as `False`. For example, this installation of the Getting Started Configuration is `HEALTHY: False`. @@ -349,9 +404,9 @@ Events: Warning LintPackage 41s (x3 over 47s) packages/providerrevision.pkg.crossplane.io incompatible Crossplane version: package isn't compatible with Crossplane version (v1.10.0) ``` -The {{}}Events{{}} show a +The {{}}Events{{}} show a {{}}Warning{{}} with a message that the -current version of Crossplane doesn't meet the Configuration package +current version of Crossplane doesn't meet the Configuration package requirements. ## Upgrade a Provider @@ -365,7 +420,7 @@ Crossplane installs the new image and creates a new `ProviderRevision`. The `ProviderRevision` allows Crossplane to store deprecated Provider CRDs without removing them until you decide. -View the `ProviderRevisions` with +View the `ProviderRevisions` with {{}}kubectl get providerrevisions{{}} ```shell {label="getPR",copy-lines="1"} @@ -381,14 +436,14 @@ By default Crossplane keeps a single {{}}Inactive{{}} Provider. Read the [revision history limit](#package-revision-history-limit) section to -change the default value. +change the default value. -Only a single revision of a Provider is +Only a single revision of a Provider is {{}}Active{{}} at a time. ## Remove a Provider -Remove a Provider by deleting the Provider object with +Remove a Provider by deleting the Provider object with `kubectl delete provider`. {{< hint "warning" >}} @@ -440,7 +495,7 @@ The Crossplane community has more ### Provider conditions -Crossplane uses a standard set of `Conditions` for Providers. +Crossplane uses a standard set of `Conditions` for Providers. View the conditions of a provider under their `Status` with `kubectl describe provider`. @@ -567,7 +622,7 @@ Providers have two different types of configurations: an external provider. For example, cloud provider authentication. {{}} -Apply `ControllerConfig` objects to Providers. +Apply `ControllerConfig` objects to Providers. Apply `ProviderConfig` objects to managed resources. {{< /hint >}} diff --git a/content/v1.17/concepts/server-side-apply.md b/content/v1.20/concepts/server-side-apply.md similarity index 100% rename from content/v1.17/concepts/server-side-apply.md rename to content/v1.20/concepts/server-side-apply.md diff --git a/content/v1.17/concepts/usages.md b/content/v1.20/concepts/usages.md similarity index 93% rename from content/v1.17/concepts/usages.md rename to content/v1.20/concepts/usages.md index 402b0932..1ac12082 100644 --- a/content/v1.17/concepts/usages.md +++ b/content/v1.20/concepts/usages.md @@ -1,8 +1,9 @@ --- title: Usages weight: 95 -state: alpha +state: beta alphaVersion: "1.14" +betaVersion: "1.19" description: "Usage defines a usage relationship for Managed Resources or Composites" --- @@ -19,12 +20,14 @@ first use case and the section [Usage for Deletion Ordering](#usage-for-deletion for the second one. ## Enable usages -Usages are an alpha feature. Alpha features aren't enabled by default. + +Usages are a beta feature. Beta features are enabled by default. + -Enable `Usage` support by +Disable `Usage` support by [changing the Crossplane pod setting]({{}}) -and enabling -{{}}--enable-usages{{}} +and setting +{{}}--enable-usages=false{{}} argument. ```yaml {label="deployment",copy-lines="12"} @@ -39,7 +42,7 @@ spec: - args: - core - start - - --enable-usages + - --enable-usages=false ``` {{}} @@ -85,7 +88,7 @@ any deletion request with the {{}}reason{{}} defined. ```yaml {label="protect"} -apiVersion: apiextensions.crossplane.io/v1alpha1 +apiVersion: apiextensions.crossplane.io/v1beta1 kind: Usage metadata: name: protect-production-database @@ -106,7 +109,7 @@ any deletion request before the deletion of {{}}my-prometheus-chart{{}} resource. ```yaml {label="order"} -apiVersion: apiextensions.crossplane.io/v1alpha1 +apiVersion: apiextensions.crossplane.io/v1beta1 kind: Usage metadata: name: release-uses-cluster @@ -132,7 +135,7 @@ This enables using {{}}labels{{}} or to define resource instead of providing the resource name. ```yaml {label="selectors"} -apiVersion: apiextensions.crossplane.io/v1alpha1 +apiVersion: apiextensions.crossplane.io/v1beta1 kind: Usage metadata: name: release-uses-cluster @@ -166,7 +169,7 @@ random resource is selected from the list of matched resources. {{< /hint >}} ```yaml {label="selectors-resolved"} -apiVersion: apiextensions.crossplane.io/v1alpha1 +apiVersion: apiextensions.crossplane.io/v1beta1 kind: Usage metadata: name: release-uses-cluster @@ -197,7 +200,7 @@ Replaying the blocked deletion is possible by setting the {{}}replayDeletion{{}} field to `true`. ```yaml {label="replay"} -apiVersion: apiextensions.crossplane.io/v1alpha1 +apiVersion: apiextensions.crossplane.io/v1beta1 kind: Usage metadata: name: release-uses-cluster @@ -261,7 +264,7 @@ spec: # Removed for brevity - name: release-uses-cluster base: - apiVersion: apiextensions.crossplane.io/v1alpha1 + apiVersion: apiextensions.crossplane.io/v1beta1 kind: Usage spec: replayDeletion: true diff --git a/content/v1.17/getting-started/_index.md b/content/v1.20/getting-started/_index.md similarity index 100% rename from content/v1.17/getting-started/_index.md rename to content/v1.20/getting-started/_index.md diff --git a/content/v1.17/getting-started/install-crossplane-include.md b/content/v1.20/getting-started/install-crossplane-include.md similarity index 99% rename from content/v1.17/getting-started/install-crossplane-include.md rename to content/v1.20/getting-started/install-crossplane-include.md index 026f9d8f..45015373 100644 --- a/content/v1.17/getting-started/install-crossplane-include.md +++ b/content/v1.20/getting-started/install-crossplane-include.md @@ -5,7 +5,7 @@ searchExclude: true ## Install Crossplane -Crossplane installs into an existing Kubernetes cluster. +Crossplane installs into an existing Kubernetes cluster. {{< hint type="tip" >}} If you don't have a Kubernetes cluster create one locally with [Kind](https://kind.sigs.k8s.io/). @@ -1104,7 +1104,7 @@ crossplane-d4cd8d784-ldcgb 1/1 Running 0 54s crossplane-rbac-manager-84769b574-6mw6f 1/1 Running 0 54s ``` -Installing Crossplane creates new Kubernetes API end-points. +Installing Crossplane creates new Kubernetes API end-points. Look at the new API end-points with `kubectl api-resources | grep crossplane`. ```shell {label="grep",copy-lines="1"} @@ -1112,7 +1112,7 @@ kubectl api-resources | grep crossplane compositeresourcedefinitions xrd,xrds apiextensions.crossplane.io/v1 false CompositeResourceDefinition compositionrevisions comprev apiextensions.crossplane.io/v1 false CompositionRevision compositions comp apiextensions.crossplane.io/v1 false Composition -environmentconfigs envcfg apiextensions.crossplane.io/v1alpha1 false EnvironmentConfig +environmentconfigs envcfg apiextensions.crossplane.io/v1beta1 false EnvironmentConfig usages apiextensions.crossplane.io/v1alpha1 false Usage configurationrevisions pkg.crossplane.io/v1 false ConfigurationRevision configurations pkg.crossplane.io/v1 false Configuration @@ -1124,4 +1124,4 @@ locks pkg.crossplane.io/v1beta1 providerrevisions pkg.crossplane.io/v1 false ProviderRevision providers pkg.crossplane.io/v1 false Provider storeconfigs secrets.crossplane.io/v1alpha1 false StoreConfig -``` \ No newline at end of file +``` diff --git a/content/v1.17/getting-started/introduction.md b/content/v1.20/getting-started/introduction.md similarity index 100% rename from content/v1.17/getting-started/introduction.md rename to content/v1.20/getting-started/introduction.md diff --git a/content/v1.17/getting-started/provider-aws-part-2.md b/content/v1.20/getting-started/provider-aws-part-2.md similarity index 100% rename from content/v1.17/getting-started/provider-aws-part-2.md rename to content/v1.20/getting-started/provider-aws-part-2.md diff --git a/content/v1.17/getting-started/provider-aws.md b/content/v1.20/getting-started/provider-aws.md similarity index 100% rename from content/v1.17/getting-started/provider-aws.md rename to content/v1.20/getting-started/provider-aws.md diff --git a/content/v1.17/getting-started/provider-azure-part-2.md b/content/v1.20/getting-started/provider-azure-part-2.md similarity index 100% rename from content/v1.17/getting-started/provider-azure-part-2.md rename to content/v1.20/getting-started/provider-azure-part-2.md diff --git a/content/v1.17/getting-started/provider-azure.md b/content/v1.20/getting-started/provider-azure.md similarity index 100% rename from content/v1.17/getting-started/provider-azure.md rename to content/v1.20/getting-started/provider-azure.md diff --git a/content/v1.17/getting-started/provider-gcp-part-2.md b/content/v1.20/getting-started/provider-gcp-part-2.md similarity index 100% rename from content/v1.17/getting-started/provider-gcp-part-2.md rename to content/v1.20/getting-started/provider-gcp-part-2.md diff --git a/content/v1.17/getting-started/provider-gcp.md b/content/v1.20/getting-started/provider-gcp.md similarity index 100% rename from content/v1.17/getting-started/provider-gcp.md rename to content/v1.20/getting-started/provider-gcp.md diff --git a/content/v1.17/guides/_index.md b/content/v1.20/guides/_index.md similarity index 100% rename from content/v1.17/guides/_index.md rename to content/v1.20/guides/_index.md diff --git a/content/v1.20/guides/change-logs.md b/content/v1.20/guides/change-logs.md new file mode 100644 index 00000000..139a4367 --- /dev/null +++ b/content/v1.20/guides/change-logs.md @@ -0,0 +1,271 @@ +--- +title: Change Logs +weight: 210 +description: "Change logs help you audit all changes made to your resources" +state: alpha +alphaVersion: "1.17" +--- + +The "change logs" feature is designed to help users of Crossplane Providers to +understand what changes a provider is making to the resources it's managing. +Whenever a provider creates, updates, or deletes a managed resource, an entry +explaining the details of the change is recorded in the provider's change log. + +Change logs are important for awareness of the changes that a provider is +making to its managed resources. Due to the nature of Crossplane's active +reconciliation, it's possible for a provider to make changes to managed +resources without any user interaction. Consider the scenario when someone +updates a resource outside of Crossplane, for example via the AWS console or +`gcloud` CLI. When Crossplane detects this configuration drift it will +enforce its source of truth to eventually correct this unexpected change +without any user interaction. + +With Crossplane acting continuously and autonomously to update critical +infrastructure, it's vital for users to have insight into the operations being +performed, so they can build and maintain a strong sense of confidence and trust +in their control planes. Change logs provide details about all changes the +provider makes, so users can remain aware of any changes, even when they aren't +explicitly expecting any. + +{{}} Change logs help you understand all the changes a provider is +making to your resources, even when changes weren't explicitly requested, for +example as a result of Crossplane's automatic correction of configuration drift. +{{}} + +## Enabling Change Logs + +{{}} Change logs are an alpha feature and must be explicitly +enabled for each provider through the use of a `DeploymentRuntimeConfig`. +{{}} + +To enable change logs for a provider, use a `DeploymentRuntimeConfig` to +configure each provider pod that should start producing change logs. The +`DeploymentRuntimeConfig` has a few important configuration details: + +1. A command line argument to the provider container that enables the change + logs feature, for example `--enable-changelogs`. +1. A [side car container](https://github.com/crossplane/changelogs-sidecar) that + collects change events and produces change log entries to the provider's pod + logs. +1. A shared volume mounted to both the provider and sidecar containers that + enables communication of change events between the two containers. + +### Prerequisites + +This guide assumes you have a control plane with [Crossplane installed]({{}}). + +It also assumes you have the [`jq` tool installed](https://jqlang.org/download/), +to perform lightweight querying and filtering of the content in the change logs. + +The only other prerequisite for enabling change logs is that the provider must +have added support for the change logs feature. This is optional and not all +providers in the Crossplane ecosystem have added this support yet. + +{{}} Not all providers support the change logs feature. Check with +your provider of choice to confirm it has added support for change logs. +{{}} + +This guide walks through a full example of generating change logs with +[`provider-kubernetes`](https://github.com/crossplane-contrib/provider-kubernetes). + +### Create a `DeploymentRuntimeConfig` + +Create a `DeploymentRuntimeConfig` that will enable change logs for +the provider when it's installed by performing the necessary configuration +steps: + +1. The {{}}--enable-changelogs{{}} flag is + set on the provider. +1. The {{}}sidecar container{{}} is added + to the provider pod. +1. A {{}}shared volume{{}} is declared and + then mounted in the {{}}provider + container{{}} and the {{}}sidecar + container{{}}. + +```yaml {label="drc",copy-lines="all"} +cat <}}provider{{}} and +instruct it to use the {{}}DeploymentRuntimeConfig{{}} +that was just created. + +```yaml {label="provider",copy-lines="all"} +cat <}} This guide grants specific permissions to the provider +for example purposes. This approach isn't intended to be representative of a +production environment. More examples on configuring `provider-kubernetes` can +be found in its [examples directory](https://github.com/crossplane-contrib/provider-kubernetes/tree/main/examples/provider). +{{}} + +```yaml {label="rbac",copy-lines="all"} +cat <}}) - A template to define how to create resources. * [composite resource Definition]({{}}) - (`XRD`) - A custom API specification. + (`XRD`) - A custom API specification. * [composite resource]({{}}) (`XR`) - Created by using the custom API defined in a composite resource Definition. - XRs use the Composition template to create new managed resources. + XRs use the Composition template to create new managed resources. * [Claim]({{}}) (`XRC`) - Like a composite resource, - but with namespace scoping. + but with namespace scoping. {{}} ## Install the function @@ -107,7 +107,7 @@ The `resources` field the function's input defines the set of things that a composite resource creates when it uses this function. For example, the input can define a template to create a virtual machine and an -associated storage bucket at the same time. +associated storage bucket at the same time. {{}} Crossplane calls the resources a composite resource creates @@ -121,7 +121,7 @@ name used with the Provider. The contents of the `base` are identical to creating a standalone [managed resource]({{}}). -This example uses +This example uses [provider-upjet-aws](https://github.com/crossplane-contrib/provider-upjet-aws) to define a S3 storage `Bucket` and EC2 compute `Instance`. @@ -174,10 +174,10 @@ You can't template namespaced resources. ## Create a patch Each entry in the `resources` list can include a list of patches. The `patches` -field takes a list of patches to apply to the individual resource. +field takes a list of patches to apply to the individual resource. Each patch has a `type`, which defines what kind of patch action Crossplane -applies. +applies. Patches reference fields inside different resources depending on the patch type, but all patches reference a `fromFieldPath` and `toFieldPath`. @@ -212,7 +212,7 @@ subset of [JSONPath selectors](https://kubernetes.io/docs/reference/kubectl/json called "field paths." Field paths can select any field in a composite resource or managed resource -object, including the `metadata`, `spec` or `status` fields. +object, including the `metadata`, `spec` or `status` fields. Field paths can be a string matching a field name or an array index, in brackets. Field names may use a `.` character to select child elements. @@ -220,7 +220,7 @@ brackets. Field names may use a `.` character to select child elements. #### Example field paths Here are some example selectors from a composite resource object. {{}} -| Selector | Selected element | +| Selector | Selected element | | --- | --- | | `kind` | `kind` | | `metadata.labels['crossplane.io/claim-name']` | `my-example-claim` | @@ -259,7 +259,7 @@ You can reuse a patch object on multiple resources by using a PatchSet. To create a PatchSet, define a `patchSets` object in the function's input. -Each patch inside a PatchSet has a `name` and a list of `patches`. +Each patch inside a PatchSet has a `name` and a list of `patches`. Apply the PatchSet to a resource with a patch `type: PatchSet`. Set the `patchSetName` to the `name` of the PatchSet. @@ -285,11 +285,11 @@ resources: # Removed for brevity patches: - type: PatchSet - patchSetName: my-patchset + patchSetName: my-patchset ``` {{}} -A PatchSet can't contain other PatchSets. +A PatchSet can't contain other PatchSets. Crossplane ignores any [transforms](#transform-a-patch) or [policies](#patch-policies) in a PatchSet. @@ -299,10 +299,10 @@ Crossplane ignores any [transforms](#transform-a-patch) or Function Patch and Transform can't directly patch between two composed resources. For example, generating a network resource and patching the resource -name to a compute resource. +name to a compute resource. A resource can patch to a user-defined `status` field in the composite resource. -Another resource can then read from that `Status` field to patch a field. +Another resource can then read from that `Status` field to patch a field. First, define a custom `status` in the composite resource Definition and a custom field, for example `secondResource` @@ -329,7 +329,7 @@ spec: Inside the function input the resource with the source data uses a `ToCompositeFieldPath` patch to write data to the `status.secondResource` field -in the composite resource. +in the composite resource. The destination resource uses a `FromCompositeFieldPath` patch to read data from the composite resource `status.secondResource` field in the composite resource @@ -360,7 +360,7 @@ resources: ``` Describe the composite resource to view the `resources` and the -`status.secondResource` value. +`status.secondResource` value. ```yaml {label="descCompPatch",copy-lines="none"} $ kubectl describe composite @@ -386,30 +386,25 @@ Labels: crossplane.io/composite=my-example-claim-jp7rx secondResource=my-example-claim-jp7rx-gfg4m ``` -## Patch with EnvironmentConfigs +## Patch with EnvironmentConfigs -Crossplane uses EnvironmentConfigs to create in-memory data stores. Compositions -can read and write from this data store as part of the patch process. - -{{}} -EnvironmentConfigs are an alpha feature. Alpha features aren't enabled by -default. -{{< /hint >}} +Crossplane uses EnvironmentConfigs to create in-memory data stores. Compositions +can read and write from this data store as part of the patch process. EnvironmentConfigs can predefine data that Compositions can use or a composite resource can write data to their in-memory environment for other resources to - read. + read. {{< hint "note" >}} - + Read the [EnvironmentConfigs]({{}}) page for more information on using EnvironmentConfigs. {{< /hint >}} To apply a patch using EnvironmentConfigs, first define which EnvironmentConfigs -to use with -`environment.environmentConfigs`. +to use with +`environment.environmentConfigs`. @@ -437,7 +432,7 @@ To patch between the composite resource and the in-memory environment use `patches` inside of the `environment`. Use the `ToCompositeFieldPath` to copy data from the in-memory environment to -the composite resource. +the composite resource. Use the `FromCompositeFieldPath` to copy data from the composite resource to the in-memory environment. @@ -461,7 +456,7 @@ Individual resources can use any data written to their in-memory environment. To patch an individual resource, inside the `patches` of the resource, use `ToEnvironmentFieldPath` to copy data from the resource to the in-memory -environment. +environment. Use `FromEnvironmentFieldPath` to copy data to the resource from the in-memory environment. @@ -486,33 +481,33 @@ resources: toFieldPath: spec.forProvider.tags ``` -The [EnvironmentConfigs]({{}}) page has +The [EnvironmentConfigs]({{}}) page has more information on EnvironmentConfigs options and usage. ## Types of patches Function Patch and Transform supports multiple patch types, each using a -different source for data and applying the patch to a different location. +different source for data and applying the patch to a different location. Summary of Crossplane patches {{< table "table table-hover" >}} -| Patch Type | Data Source | Data Destination | -| --- | --- | --- | -| [FromCompositeFieldPath](#fromcompositefieldpath) | A field in the composite resource. | A field in the composed resource. | -| [ToCompositeFieldPath](#tocompositefieldpath) | A field in the composed resource. | A field in the composite resource. | -| [CombineFromComposite](#combinefromcomposite) | Multiple fields in the composite resource. | A field in the composed resource. | -| [CombineToComposite](#combinetocomposite) | Multiple fields in the composed resource. | A field in the composite resource. | -| [FromEnvironmentFieldPath](#fromenvironmentfieldpath) | Data in the in-memory environment | A field in the composed resource. | -| [ToEnvironmentFieldPath](#toenvironmentfieldpath) | A field in the composed resource. | The in-memory environment. | -| [CombineFromEnvironment](#combinefromenvironment) | Multiple fields in the in-memory environment. | A field in the composed resource. | -| [CombineToEnvironment](#combinetoenvironment) | Multiple fields in the composed resource. | A field in the in-memory environment. | +| Patch Type | Data Source | Data Destination | +| --- | --- | --- | +| [FromCompositeFieldPath](#fromcompositefieldpath) | A field in the composite resource. | A field in the composed resource. | +| [ToCompositeFieldPath](#tocompositefieldpath) | A field in the composed resource. | A field in the composite resource. | +| [CombineFromComposite](#combinefromcomposite) | Multiple fields in the composite resource. | A field in the composed resource. | +| [CombineToComposite](#combinetocomposite) | Multiple fields in the composed resource. | A field in the composite resource. | +| [FromEnvironmentFieldPath](#fromenvironmentfieldpath) | Data in the in-memory environment | A field in the composed resource. | +| [ToEnvironmentFieldPath](#toenvironmentfieldpath) | A field in the composed resource. | The in-memory environment. | +| [CombineFromEnvironment](#combinefromenvironment) | Multiple fields in the in-memory environment. | A field in the composed resource. | +| [CombineToEnvironment](#combinetoenvironment) | Multiple fields in the composed resource. | A field in the in-memory environment. | {{< /table >}} {{}} All the following examples use the same set of Compositions, -CompositeResourceDefinitions, Claims and EnvironmentConfigs. -Only the applied patches change between examples. +CompositeResourceDefinitions, Claims and EnvironmentConfigs. +Only the applied patches change between examples. -All examples rely on +All examples rely on [provider-aws-s3](https://github.com/crossplane-contrib/provider-upjet-aws) to create resources. @@ -585,9 +580,9 @@ spec: type: string field2: type: string - field3: + field3: type: string - desiredRegion: + desiredRegion: type: string boolField: type: boolean @@ -619,7 +614,7 @@ spec: {{< expand "Reference EnvironmentConfig" >}} ```yaml {copy-lines="all"} -apiVersion: apiextensions.crossplane.io/v1alpha1 +apiVersion: apiextensions.crossplane.io/v1beta1 kind: EnvironmentConfig metadata: name: example-environment @@ -639,19 +634,19 @@ data: The `FromCompositeFieldPath` patch takes a value in a composite resource and -applies it to a field in the composed resource. +applies it to a field in the composed resource. {{< hint "tip" >}} Use the `FromCompositeFieldPath` patch to apply options from users in their -Claims to settings in managed resource `forProvider` settings. +Claims to settings in managed resource `forProvider` settings. {{< /hint >}} For example, to use the value `desiredRegion` provided by a user in a composite -resource to a managed resource's `region`. +resource to a managed resource's `region`. -The `fromFieldPath` value is a field in the composite resource. +The `fromFieldPath` value is a field in the composite resource. -The `toFieldPath` value is the field in the composed resource to change. +The `toFieldPath` value is the field in the composed resource to change. ```yaml {label="fromComposite",copy-lines="9-11"} apiVersion: pt.fn.crossplane.io/v1beta1 @@ -713,7 +708,7 @@ resources: toFieldPath: metadata.labels['ZoneID'] ``` -View the created managed resource to see the +View the created managed resource to see the `Hosted Zone Id` field. ```yaml {label="toCompMR",copy-lines="none"} $ kubectl describe bucket @@ -738,20 +733,20 @@ Labels: ZoneID=Z2O1EMRO9K5GLX The `CombineFromComposite` patch takes values from the composite resource, -combines them and applies them to the composed resource. +combines them and applies them to the composed resource. {{< hint "tip" >}} Use the `CombineFromComposite` patch to create complex strings, like security -policies and apply them to a composed resource. +policies and apply them to a composed resource. {{< /hint >}} For example, use the Claim value `desiredRegion` and `field2` to generate the managed resource's `name` -The `CombineFromComposite` patch only supports the `combine` option. +The `CombineFromComposite` patch only supports the `combine` option. The `variables` are the list of `fromFieldPath` values from the composite -resource to combine. +resource to combine. The only supported `strategy` is `strategy: string`. @@ -760,7 +755,7 @@ Optionally you can apply a `string.fmt`, based on strings. The `toFieldPath` is the field in the composed resource to apply the new string -to. +to. ```yaml {label="combineFromComp",copy-lines="11-20"} apiVersion: pt.fn.crossplane.io/v1beta1 @@ -797,33 +792,33 @@ Name: my-resource-eu-north-1-field2-text The `CombineToComposite` patch takes values from the composed resource, combines -them and applies them to the composite resource. +them and applies them to the composite resource. {{}} Use `CombineToComposite` patches to create a single field like a URL from -multiple fields in a managed resource. +multiple fields in a managed resource. {{< /hint >}} For example, use the managed resource `name` and `region` to generate a custom -`url` field. +`url` field. {{< hint "important" >}} Writing custom fields in the status field of a composite resource requires -defining the custom fields in the CompositeResourceDefinition first. +defining the custom fields in the CompositeResourceDefinition first. {{< /hint >}} -The `CombineToComposite` patch only supports the `combine` option. +The `CombineToComposite` patch only supports the `combine` option. -The `variables` are the list of `fromFieldPath` the managed resource to combine. +The `variables` are the list of `fromFieldPath` the managed resource to combine. The only supported `strategy` is `strategy: string`. -Optionally you can apply a `string.fmt`, based on -[Go string formatting](https://pkg.go.dev/fmt) to specify how to combine the +Optionally you can apply a `string.fmt`, based on +[Go string formatting](https://pkg.go.dev/fmt) to specify how to combine the strings. The `toFieldPath` is the field in the composite resource to apply the new string -to. +to. ```yaml {label="combineToComposite",copy-lines="9-11"} apiVersion: pt.fn.crossplane.io/v1beta1 @@ -866,9 +861,9 @@ Status: {{}} -EnvironmentConfigs are an alpha feature. They aren't enabled by default. +EnvironmentConfigs are an alpha feature. They aren't enabled by default. -For more information about using an EnvironmentConfig, read the +For more information about using an EnvironmentConfig, read the [EnvironmentConfigs documentation]({{}}). {{< /hint >}} @@ -877,7 +872,7 @@ and applies them to the composed resource. {{}} Use `FromEnvironmentFieldPath` to apply custom managed resource settings based -on the current environment. +on the current environment. {{< /hint >}} For example, use the environment's `locations.eu` value and apply it as the @@ -900,7 +895,7 @@ resources: toFieldPath: spec.forProvider.region ``` -Verify managed resource to confirm the applied patch. +Verify managed resource to confirm the applied patch. ```yaml {copy-lines="none"} kubectl describe bucket @@ -918,9 +913,7 @@ Spec: {{}} -EnvironmentConfigs are an alpha feature. They aren't enabled by default. - -For more information about using an EnvironmentConfig, read the +For more information about using an EnvironmentConfig, read the [EnvironmentConfigs documentation]({{}}). {{< /hint >}} @@ -929,7 +922,7 @@ applies it to the in-memory environment. {{}} Use `ToEnvironmentFieldPath` to write data to the environment that any -FromEnvironmentFieldPath patch can access. +FromEnvironmentFieldPath patch can access. {{< /hint >}} For example, use the desired `region` value and apply it as the environment's @@ -962,9 +955,7 @@ wrote the value to the environment. {{}} -EnvironmentConfigs are an alpha feature. They aren't enabled by default. - -For more information about using an EnvironmentConfig, read the +For more information about using an EnvironmentConfig, read the [EnvironmentConfigs documentation]({{}}). {{< /hint >}} @@ -973,25 +964,25 @@ environment and applies them to the composed resource. {{}} Use `CombineFromEnvironment` patch to create complex strings, like security -policies and apply them to a managed resource. +policies and apply them to a managed resource. {{< /hint >}} For example, combine multiple fields in the environment to create a unique -`annotation` . +`annotation` . -The `CombineFromEnvironment` patch only supports the `combine` option. +The `CombineFromEnvironment` patch only supports the `combine` option. The only supported `strategy` is `strategy: string`. The `variables` are the list of `fromFieldPath` values from the in-memory -environment to combine. +environment to combine. -Optionally you can apply a `string.fmt`, based on -[Go string formatting](https://pkg.go.dev/fmt) to specify how to combine the +Optionally you can apply a `string.fmt`, based on +[Go string formatting](https://pkg.go.dev/fmt) to specify how to combine the strings. The `toFieldPath` is the field in the composed resource to apply the new string -to. +to. ```yaml {label="combineFromEnv",copy-lines="11-20"} apiVersion: pt.fn.crossplane.io/v1beta1 @@ -1011,12 +1002,12 @@ resources: variables: - fromFieldPath: key1 - fromFieldPath: key2 - string: + string: fmt: "%s-%s" toFieldPath: metadata.annotations[EnvironmentPatch] ``` -Describe the managed resource to see new +Describe the managed resource to see new `annotation`. ```yaml {copy-lines="none",label="combineFromEnvDesc"} @@ -1032,9 +1023,7 @@ Annotations: EnvironmentPatch: value1-value2 {{}} -EnvironmentConfigs are an alpha feature. They aren't enabled by default. - -For more information about using an EnvironmentConfig, read the +For more information about using an EnvironmentConfig, read the [EnvironmentConfigs documentation]({{}}). {{< /hint >}} @@ -1043,26 +1032,26 @@ resource and applies them to the in-memory EnvironmentConfig environment. {{}} Use `CombineToEnvironment` patch to create complex strings, like security -policies to use in other managed resources. +policies to use in other managed resources. {{< /hint >}} For example, combine multiple fields in the managed resource to create a unique -string and store it in the environment's `key2` value. +string and store it in the environment's `key2` value. The string combines the managed resource `Kind` and `region`. -The `CombineToEnvironment` patch only supports the `combine` option. +The `CombineToEnvironment` patch only supports the `combine` option. The only supported `strategy` is `strategy: string`. The `variables` are the list of `fromFieldPath` values in the managed resource -to combine. +to combine. -Optionally you can apply a `string.fmt`, based on -[Go string formatting](https://pkg.go.dev/fmt) to specify how to combine the +Optionally you can apply a `string.fmt`, based on +[Go string formatting](https://pkg.go.dev/fmt) to specify how to combine the strings. -The `toFieldPath` is the key in the environment to write the new string to. +The `toFieldPath` is the key in the environment to write the new string to. ```yaml {label="combineToEnv",copy-lines="none"} apiVersion: pt.fn.crossplane.io/v1beta1 @@ -1093,30 +1082,30 @@ wrote the value to the environment. ## Transform a patch When applying a patch, Crossplane supports modifying the data before applying it -as a patch. Crossplane calls this a "transform" operation. +as a patch. Crossplane calls this a "transform" operation. Summary of Crossplane transforms. {{< table "table table-hover" >}} | Transform Type | Action | | --- | --- | -| [convert](#convert-transforms) | Converts an input data type to a different type. Also called "casting." | -| [map](#map-transforms) | Selects a specific output based on a specific input. | -| [match](#match-transform) | Selects a specific output based on a string or regular expression. | -| [math](#math-transforms) | Applies a mathematical operation on the input. | -| [string](#string-transforms) | Change the input string using [Go string formatting](https://pkg.go.dev/fmt). | +| [convert](#convert-transforms) | Converts an input data type to a different type. Also called "casting." | +| [map](#map-transforms) | Selects a specific output based on a specific input. | +| [match](#match-transform) | Selects a specific output based on a string or regular expression. | +| [math](#math-transforms) | Applies a mathematical operation on the input. | +| [string](#string-transforms) | Change the input string using [Go string formatting](https://pkg.go.dev/fmt). | {{< /table >}} -Apply a transform directly to an individual patch with the `transforms` field. +Apply a transform directly to an individual patch with the `transforms` field. -A `transform` requires a `type`, indicating the transform action to take. +A `transform` requires a `type`, indicating the transform action to take. The other transform field is the same as the `type`, in this example, `map`. -The other fields depend on the patch type used. +The other fields depend on the patch type used. This example uses a `type: map` transform, taking the input `spec.desiredRegion`, matching it to either `us` or `eu` and returning the -corresponding AWS region for the `spec.forProvider.region` value. +corresponding AWS region for the `spec.forProvider.region` value. ```yaml {label="transform1",copy-lines="none"} apiVersion: pt.fn.crossplane.io/v1beta1 @@ -1147,10 +1136,10 @@ type. {{< hint "tip" >}} Some provider APIs require a field to be a string. Use a `convert` type to -change any boolean or integer fields to strings. +change any boolean or integer fields to strings. {{< /hint >}} -A `convert` transform requires a `toType`, defining the output data type. +A `convert` transform requires a `toType`, defining the output data type. ```yaml {label="convert",copy-lines="none"} patches: @@ -1165,23 +1154,23 @@ patches: Supported `toType` values: {{< table "table table-sm table-hover" >}} -| `toType` value | Description | +| `toType` value | Description | | -- | -- | -| `bool` | A boolean value of `true` or `false`. | -| `float64` | A 64-bit float value. | -| `int` | A 32-bit integer value. | -| `int64` | A 64-bit integer value. | -| `string` | A string value. | +| `bool` | A boolean value of `true` or `false`. | +| `float64` | A 64-bit float value. | +| `int` | A 32-bit integer value. | +| `int64` | A 64-bit integer value. | +| `string` | A string value. | | `object` | An object. | | `array` | An array. | {{< /table >}} #### Converting strings to booleans -When converting from a string to a `bool` Crossplane considers the string values -`1`, `t`, `T`, `TRUE`, `True` and `true` equal to the boolean value `True`. +When converting from a string to a `bool` Crossplane considers the string values +`1`, `t`, `T`, `TRUE`, `True` and `true` equal to the boolean value `True`. The strings `0`, `f`, `F`, `FALSE`, `False` and `false` are equal to the boolean -value `False`. +value `False`. #### Converting numbers to booleans Crossplane considers the integer `1` and float `1.0` equal to the boolean value @@ -1194,19 +1183,19 @@ Crossplane converts the boolean value `True` to the integer `1` or float64 The value `False` converts to the integer `0` or float64 `0.0` #### Converting strings to float64 -When converting from a `string` to a `float64` Crossplane supports an optional +When converting from a `string` to a `float64` Crossplane supports an optional `format: quantity` field. Using `format: quantity` translates size suffixes like `M` for megabyte or `Mi` -for megabit into the correct float64 value. +for megabit into the correct float64 value. {{}} -Refer to the [Go language docs](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity) +Refer to the [Go language docs](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity) for a full list of supported suffixes. {{}} Add `format: quantity` to the `convert` object to enable quantity suffix -support. +support. ```yaml {label="format",copy-lines="all"} - type: convert @@ -1267,15 +1256,15 @@ format for this conversion. ### Map transforms -The `map` transform type _maps_ an input value to an output value. +The `map` transform type _maps_ an input value to an output value. {{< hint "tip" >}} The `map` transform is useful for translating generic region names like `US` or -`EU` to provider specific region names. +`EU` to provider specific region names. {{< /hint >}} The `map` transform compares the value from the `fromFieldPath` to the options -listed in the `map`. +listed in the `map`. If Crossplane finds the value, Crossplane puts the mapped value in the `toFieldPath`. @@ -1285,10 +1274,10 @@ Crossplane throws an error for the patch if the value isn't found. {{< /hint >}} `spec.field1` is the string `"field1-text"` then Crossplane uses the string -`firstField` for the `annotation`. +`firstField` for the `annotation`. If `spec.field1` is the string `"field2-text"` then Crossplane uses the string -`secondField` for the `annotation`. +`secondField` for the `annotation`. ```yaml {label="map",copy-lines="none"} patches: @@ -1324,7 +1313,7 @@ Annotations: crossplane.io/composition-resource-name: bucket1 ### Match transform -The `match` transform is like the `map` transform. +The `match` transform is like the `map` transform. The `match` transform adds support for regular expressions along with exact strings and can provide default values if there isn't a match. @@ -1332,7 +1321,7 @@ strings and can provide default values if there isn't a match. A `match` object requires a `patterns` object. The `patterns` is a list of one or more patterns to attempt to match the input -value against. +value against. ```yaml {label="match",copy-lines="1-8"} patches: @@ -1350,7 +1339,7 @@ patches: ``` Match `patterns` can be either `type: literal` to match an exact string or -`type: regexp` to match a regular expression. +`type: regexp` to match a regular expression. {{}} Crossplane stops processing matches after the first pattern match. @@ -1358,13 +1347,13 @@ Crossplane stops processing matches after the first pattern match. #### Match an exact string -Use a `pattern` with -`type: literal` to match an -exact string. +Use a `pattern` with +`type: literal` to match an +exact string. -On a successful match Crossplane provides the +On a successful match Crossplane provides the `result:` to -the patch `toFieldPath`. +the patch `toFieldPath`. ```yaml {label="matchLiteral"} patches: @@ -1382,11 +1371,11 @@ patches: #### Match a regular expression -Use a `pattern` with `type: regexp` to match a regular expression. +Use a `pattern` with `type: regexp` to match a regular expression. Define a `regexp` key with the value of the regular expression to match. On a successful match Crossplane provides the `result:` to the patch -`toFieldPath`. +`toFieldPath`. ```yaml {label="matchRegex"} patches: @@ -1405,15 +1394,15 @@ patches: #### Using default values Optionally you can provide a default value to use if there is no matching -pattern. +pattern. The default value can either be the original input value or a defined default -value. +value. Use `fallbackTo: Value` to provide a default value if a match isn't found. For example if the string `unknownString` isn't matched, Crossplane provides the -`Value` `StringNotFound` to the `toFieldPath` +`Value` `StringNotFound` to the `toFieldPath` ```yaml {label="defaultValue"} patches: @@ -1453,10 +1442,10 @@ patches: ### Math transforms Use the `math` transform to multiply an input or apply a minimum or maximum -value. +value. {{}} -A `math` transform only supports integer inputs. +A `math` transform only supports integer inputs. {{< /hint >}} ```yaml {label="math",copy-lines="1-7"} @@ -1559,7 +1548,7 @@ patches: type: ... ``` -String transforms support the following +String transforms support the following `types` * [Convert](#string-convert) @@ -1573,9 +1562,9 @@ String transforms support the following The `type: convert` converts the input based on one of the following conversion types: -* `ToUpper` - Change the string to all upper case letters. +* `ToUpper` - Change the string to all upper case letters. * `ToLower` - Change the string to all lower case letters. -* `ToBase64` - Create a new base64 string from the input. +* `ToBase64` - Create a new base64 string from the input. * `FromBase64` - Create a new text string from a base64 input. * `ToJson` - Convert the input string to valid JSON. * `ToSha1` - Create a SHA-1 hash of the input string. @@ -1598,7 +1587,7 @@ patches: #### String format The `type: format` applies [Go string formatting](https://pkg.go.dev/fmt) to the -input. +input. ```yaml {label="typeFormat"} patches: @@ -1634,9 +1623,9 @@ patches: #### Regular expression type -The `type: Regexp` extracts the part of the input matching a regular expression. +The `type: Regexp` extracts the part of the input matching a regular expression. -Optionally use a `group` to match a regular expression capture group. +Optionally use a `group` to match a regular expression capture group. By default Crossplane matches the entire regular expression. ```yaml {label="typeRegex"} @@ -1655,8 +1644,8 @@ patches: #### Trim prefix -The `type: TrimPrefix` uses -Go's [TrimPrefix](https://pkg.go.dev/strings#TrimPrefix) and removes characters +The `type: TrimPrefix` uses +Go's [TrimPrefix](https://pkg.go.dev/strings#TrimPrefix) and removes characters from the beginning of a line. ```yaml {label="typeTrimP"} @@ -1673,8 +1662,8 @@ patches: #### Trim suffix -The `type: TrimSuffix` uses -Go's [TrimSuffix](https://pkg.go.dev/strings#TrimSuffix) and removes characters +The `type: TrimSuffix` uses +Go's [TrimSuffix](https://pkg.go.dev/strings#TrimSuffix) and removes characters from the end of a line. ```yaml {label="typeTrimS"} @@ -1704,15 +1693,15 @@ to exist in the data source resource. {{}} If a resource patch isn't working applying the `fromFieldPath: Required` policy -may produce an error in the composite resource to help troubleshoot. +may produce an error in the composite resource to help troubleshoot. {{< /hint >}} By default, Crossplane applies the policy `fromFieldPath: Optional`. With `fromFieldPath: Optional` Crossplane ignores a patch if the `fromFieldPath` -doesn't exist. +doesn't exist. With `fromFieldPath: Required` the composite resource produces an error if the -`fromFieldPath` doesn't exist. +`fromFieldPath` doesn't exist. ```yaml {label="required"} patches: @@ -1735,11 +1724,11 @@ The `toFieldPath` policy supports these options: {{< table "table table-hover" >}} | Policy | Action | | --- | --- | -| `Replace` (default) | Replace the value at `toFieldPath`. | -| `MergeObjects` | Recursively merge into the value at `toFieldPath`. Keep any conflicting object keys. | -| `ForceMergeObjects` | Recursively merge into the value at `toFieldPath`. Replace any conflicting object keys. | -| `MergeObjectsAppendArrays` | Like `MergeObjects`, but append values to arrays instead of replacing them. | -| `ForceMergeObjectsAppendArrays` | Like `ForceMergeObjects`, but append values to arrays instead of replacing them. | +| `Replace` (default) | Replace the value at `toFieldPath`. | +| `MergeObjects` | Recursively merge into the value at `toFieldPath`. Keep any conflicting object keys. | +| `ForceMergeObjects` | Recursively merge into the value at `toFieldPath`. Replace any conflicting object keys. | +| `MergeObjectsAppendArrays` | Like `MergeObjects`, but append values to arrays instead of replacing them. | +| `ForceMergeObjectsAppendArrays` | Like `ForceMergeObjects`, but append values to arrays instead of replacing them. | {{< /table >}} ```yaml {label="merge"} @@ -1757,15 +1746,15 @@ Function patch and Transform must define the specific secret keys a resource creates with the `connectionDetails` object. {{
}} -| Secret Type | Description | -| --- | --- | -| `FromConnectionSecretKey` | Create a secret key matching the key of a secret generated by the resource. | +| Secret Type | Description | +| --- | --- | +| `FromConnectionSecretKey` | Create a secret key matching the key of a secret generated by the resource. | | `FromFieldPath` | Create a secret key matching a field path of the resource. | | `FromValue` | Create a secret key with a predefined value. | {{< /table >}} {{}} -The `value` type must use a string value. +The `value` type must use a string value. The `value` isn't added to the individual resource secret object. The `value` only appears in the combined composite resource secret. @@ -1809,23 +1798,23 @@ The `connectionDetails` in a resource can reference a secret from a resource with `FromConnectionSecretKey`, from another field in the resource with `FromFieldPath` or a statically defined value with `FromValue`. -Crossplane sets the secret key to the `name` value. +Crossplane sets the secret key to the `name` value. Describe the secret to view the secret keys inside the secret object. {{}} If more than one resource generates secrets with the same secret key name, -Crossplane only saves one value. +Crossplane only saves one value. Use a custom `name` to create unique secret keys. {{< /hint >}} {{}} Crossplane only adds connection details listed in the `connectionDetails` to the -combined secret object. +combined secret object. Any connection secrets in a managed resource, not defined in the -`connectionDetails` aren't added to the combined secret object. +`connectionDetails` aren't added to the combined secret object. {{< /hint >}} @@ -1847,17 +1836,17 @@ myStaticSecret: 18 bytes {{}} The CompositeResourceDefinition can also limit which keys Crossplane stores from -the composite resources. +the composite resources. By default an XRD writes all secret keys listed in the composed resources `connectionDetails` to the combined secret object. -Read the -[CompositeResourceDefinition documentation]({{}}) +Read the +[CompositeResourceDefinition documentation]({{}}) for more information on restricting secret keys. {{< /hint >}} -For more information on connection secrets read the +For more information on connection secrets read the [Connection Secrets concepts age]({{}}). ## Resource readiness checks @@ -1917,7 +1906,7 @@ expressions aren't supported in a readiness check. For example, matching the string `Online` in the resource's -`status.atProvider.state` field. +`status.atProvider.state` field. ```yaml {label="matchstring",copy-lines="none"} apiVersion: pt.fn.crossplane.io/v1beta1 @@ -1939,12 +1928,12 @@ field in that resource matches a specified integer. {{}} -Crossplane doesn't support matching `0`. +Crossplane doesn't support matching `0`. {{}} For example, matching the number `4` in the resource's `status.atProvider.state` -field. +field. ```yaml {label="matchint",copy-lines="none"} apiVersion: pt.fn.crossplane.io/v1beta1 @@ -1961,7 +1950,7 @@ resources: ### Match that a field exists `NonEmpty` considers the composed resource to be ready when a field exists with -a value. +a value. {{}} @@ -1969,7 +1958,7 @@ Crossplane considers a value of `0` or an empty string as empty. {{}} For example, to check that a resource's `status.atProvider.state` field isn't -empty. +empty. ```yaml {label="NonEmpty",copy-lines="none"} @@ -1987,12 +1976,12 @@ resources: {{}} Checking `NonEmpty` doesn't require setting any other fields. -{{< /hint >}} +{{< /hint >}} ### Always consider a resource ready `None` considers the composed resource to be ready as soon as it's created. Crossplane doesn't wait for any other conditions before declaring the resource -ready. +ready. For example, consider `my-resource` ready as soon as it's created. @@ -2036,15 +2025,15 @@ Two types of checks exist for matching boolean fields: * `MatchTrue` * `MatchFalse` -`MatchTrue` considers the composed resource to be ready when the value of a +`MatchTrue` considers the composed resource to be ready when the value of a field inside that resource is `true`. -`MatchFalse` considers the composed resource to be ready when the value of a +`MatchFalse` considers the composed resource to be ready when the value of a field inside that resource is `false`. -For example, consider +For example, consider `my-resource`, which is -ready if +ready if ` status.atProvider.manifest.status.ready` is `true`. @@ -2062,7 +2051,7 @@ resources: {{}} Checking `MatchTrue` doesn't require setting any other fields. -{{< /hint >}} +{{< /hint >}} `MatchFalse` matches fields that express readiness with the value `false`. @@ -2083,4 +2072,4 @@ resources: {{}} Checking `MatchFalse` doesn't require setting any other fields. -{{< /hint >}} \ No newline at end of file +{{< /hint >}} diff --git a/content/v1.17/guides/import-existing-resources.md b/content/v1.20/guides/import-existing-resources.md similarity index 100% rename from content/v1.17/guides/import-existing-resources.md rename to content/v1.20/guides/import-existing-resources.md diff --git a/content/v1.17/guides/metrics.md b/content/v1.20/guides/metrics.md similarity index 100% rename from content/v1.17/guides/metrics.md rename to content/v1.20/guides/metrics.md diff --git a/content/v1.17/guides/multi-tenant.md b/content/v1.20/guides/multi-tenant.md similarity index 100% rename from content/v1.17/guides/multi-tenant.md rename to content/v1.20/guides/multi-tenant.md diff --git a/content/v1.17/guides/self-signed-ca-certs.md b/content/v1.20/guides/self-signed-ca-certs.md similarity index 100% rename from content/v1.17/guides/self-signed-ca-certs.md rename to content/v1.20/guides/self-signed-ca-certs.md diff --git a/content/v1.17/guides/troubleshoot-crossplane.md b/content/v1.20/guides/troubleshoot-crossplane.md similarity index 99% rename from content/v1.17/guides/troubleshoot-crossplane.md rename to content/v1.20/guides/troubleshoot-crossplane.md index c396878e..edd16bcb 100644 --- a/content/v1.17/guides/troubleshoot-crossplane.md +++ b/content/v1.20/guides/troubleshoot-crossplane.md @@ -13,7 +13,6 @@ some Crossplane API has been graduated from alpha to beta or stable and the old plugin isn't aware of this change. - ## Resource Status and Conditions Most Crossplane resources have a `status` section that can represent the current diff --git a/content/v1.17/guides/vault-as-secret-store.md b/content/v1.20/guides/vault-as-secret-store.md similarity index 100% rename from content/v1.17/guides/vault-as-secret-store.md rename to content/v1.20/guides/vault-as-secret-store.md diff --git a/content/v1.17/guides/vault-injection.md b/content/v1.20/guides/vault-injection.md similarity index 100% rename from content/v1.17/guides/vault-injection.md rename to content/v1.20/guides/vault-injection.md diff --git a/content/v1.17/guides/write-a-composition-function-in-go.md b/content/v1.20/guides/write-a-composition-function-in-go.md similarity index 100% rename from content/v1.17/guides/write-a-composition-function-in-go.md rename to content/v1.20/guides/write-a-composition-function-in-go.md diff --git a/content/v1.17/guides/write-a-composition-function-in-python.md b/content/v1.20/guides/write-a-composition-function-in-python.md similarity index 100% rename from content/v1.17/guides/write-a-composition-function-in-python.md rename to content/v1.20/guides/write-a-composition-function-in-python.md diff --git a/content/v1.17/learn/_index.md b/content/v1.20/learn/_index.md similarity index 100% rename from content/v1.17/learn/_index.md rename to content/v1.20/learn/_index.md diff --git a/content/v1.17/learn/feature-lifecycle.md b/content/v1.20/learn/feature-lifecycle.md similarity index 100% rename from content/v1.17/learn/feature-lifecycle.md rename to content/v1.20/learn/feature-lifecycle.md diff --git a/content/v1.17/learn/release-cycle.md b/content/v1.20/learn/release-cycle.md similarity index 100% rename from content/v1.17/learn/release-cycle.md rename to content/v1.20/learn/release-cycle.md diff --git a/content/v1.17/software/_index.md b/content/v1.20/software/_index.md similarity index 100% rename from content/v1.17/software/_index.md rename to content/v1.20/software/_index.md diff --git a/content/v1.17/software/install.md b/content/v1.20/software/install.md similarity index 87% rename from content/v1.17/software/install.md rename to content/v1.20/software/install.md index d1f29409..7434c1c3 100644 --- a/content/v1.17/software/install.md +++ b/content/v1.20/software/install.md @@ -132,6 +132,9 @@ Apply customizations with the command line or with a Helm _values_ file. | `extraVolumeMountsCrossplane` | Add custom `volumeMounts` to the Crossplane pod. | `{}` | | `extraVolumesCrossplane` | Add custom `volumes` to the Crossplane pod. | `{}` | | `function.packages` | A list of Function packages to install | `[]` | +| `functionCache.medium` | Set to `Memory` to hold the function cache in a RAM backed file system. Useful for Crossplane development. | `""` | +| `functionCache.pvc` | The name of a PersistentVolumeClaim to use as the function cache. Disables the default function cache `emptyDir` Volume. | `""` | +| `functionCache.sizeLimit` | The size limit for the function cache. If medium is `Memory` the `sizeLimit` can't exceed Node memory. | `"512Mi"` | | `hostNetwork` | Enable `hostNetwork` for the Crossplane deployment. Caution: enabling `hostNetwork` grants the Crossplane Pod access to the host network namespace. Consider setting `dnsPolicy` to `ClusterFirstWithHostNet`. | `false` | | `image.pullPolicy` | The image pull policy used for Crossplane and RBAC Manager pods. | `"IfNotPresent"` | | `image.repository` | Repository for the Crossplane pod image. | `"xpkg.crossplane.io/crossplane/crossplane"` | @@ -139,6 +142,7 @@ Apply customizations with the command line or with a Helm _values_ file. | `imagePullSecrets` | The imagePullSecret names to add to the Crossplane ServiceAccount. | `[]` | | `leaderElection` | Enable [leader election](https://docs.crossplane.io/latest/concepts/pods/#leader-election) for the Crossplane pod. | `true` | | `metrics.enabled` | Enable Prometheus path, port and scrape annotations and expose port 8080 for both the Crossplane and RBAC Manager pods. | `false` | +| `metrics.port` | The port the metrics server listens on. | `""` | | `nodeSelector` | Add `nodeSelectors` to the Crossplane pod deployment. | `{}` | | `packageCache.configMap` | The name of a ConfigMap to use as the package cache. Disables the default package cache `emptyDir` Volume. | `""` | | `packageCache.medium` | Set to `Memory` to hold the package cache in a RAM backed file system. Useful for Crossplane development. | `""` | @@ -154,9 +158,11 @@ Apply customizations with the command line or with a Helm _values_ file. | `rbacManager.leaderElection` | Enable [leader election](https://docs.crossplane.io/latest/concepts/pods/#leader-election) for the RBAC Manager pod. | `true` | | `rbacManager.nodeSelector` | Add `nodeSelectors` to the RBAC Manager pod deployment. | `{}` | | `rbacManager.replicas` | The number of RBAC Manager pod `replicas` to deploy. | `1` | +| `rbacManager.revisionHistoryLimit` | The number of RBAC Manager ReplicaSets to retain. | `nil` | | `rbacManager.skipAggregatedClusterRoles` | Don't install aggregated Crossplane ClusterRoles. | `false` | | `rbacManager.tolerations` | Add `tolerations` to the RBAC Manager pod deployment. | `[]` | | `rbacManager.topologySpreadConstraints` | Add `topologySpreadConstraints` to the RBAC Manager pod deployment. | `[]` | +| `readiness.port` | The port the readyz server listens on. | `""` | | `registryCaBundleConfig.key` | The ConfigMap key containing a custom CA bundle to enable fetching packages from registries with unknown or untrusted certificates. | `""` | | `registryCaBundleConfig.name` | The ConfigMap name containing a custom CA bundle to enable fetching packages from registries with unknown or untrusted certificates. | `""` | | `replicas` | The number of Crossplane pod `replicas` to deploy. | `1` | @@ -168,6 +174,8 @@ Apply customizations with the command line or with a Helm _values_ file. | `resourcesRBACManager.limits.memory` | Memory resource limits for the RBAC Manager pod. | `"512Mi"` | | `resourcesRBACManager.requests.cpu` | CPU resource requests for the RBAC Manager pod. | `"100m"` | | `resourcesRBACManager.requests.memory` | Memory resource requests for the RBAC Manager pod. | `"256Mi"` | +| `revisionHistoryLimit` | The number of Crossplane ReplicaSets to retain. | `nil` | +| `runtimeClassName` | The runtimeClassName name to apply to the Crossplane and RBAC Manager pods. | `""` | | `securityContextCrossplane.allowPrivilegeEscalation` | Enable `allowPrivilegeEscalation` for the Crossplane pod. | `false` | | `securityContextCrossplane.readOnlyRootFilesystem` | Set the Crossplane pod root file system as read-only. | `true` | | `securityContextCrossplane.runAsGroup` | The group ID used by the Crossplane pod. | `65532` | @@ -177,10 +185,13 @@ Apply customizations with the command line or with a Helm _values_ file. | `securityContextRBACManager.runAsGroup` | The group ID used by the RBAC Manager pod. | `65532` | | `securityContextRBACManager.runAsUser` | The user ID used by the RBAC Manager pod. | `65532` | | `service.customAnnotations` | Configure annotations on the service object. Only enabled when webhooks.enabled = true | `{}` | +| `serviceAccount.create` | Specifies whether Crossplane ServiceAccount should be created | `true` | | `serviceAccount.customAnnotations` | Add custom `annotations` to the Crossplane ServiceAccount. | `{}` | +| `serviceAccount.name` | Provide the name of an already created Crossplane ServiceAccount. Required when `serviceAccount.create` is `false` | `""` | | `tolerations` | Add `tolerations` to the Crossplane pod deployment. | `[]` | | `topologySpreadConstraints` | Add `topologySpreadConstraints` to the Crossplane pod deployment. | `[]` | | `webhooks.enabled` | Enable webhooks for Crossplane and installed Provider packages. | `true` | +| `webhooks.port` | The port the webhook server listens on. | `""` | {{< /table >}} {{< /expand >}} @@ -254,11 +265,14 @@ at the table below. | --- | --- | --- | | Beta | `--enable-composition-webhook-schema-validation` | Enable Composition validation using schemas. | | Beta | `--enable-deployment-runtime-configs` | Enable support for DeploymentRuntimeConfigs. | -| Alpha | `--enable-environment-configs` | Enable support for EnvironmentConfigs. | +| Beta | `--enable-usages` | Enable support for Usages. | +| Beta | `--enable-ssa-claims` | Enable support for using server-side apply to sync claims with XRs. | +| Beta | `--enable-realtime-compositions` | Enable support for real time compositions. | | Alpha | `--enable-external-secret-stores` | Enable support for External Secret Stores. | -| Alpha | `--enable-realtime-compositions` | Enable support for real time compositions. | -| Alpha | `--enable-ssa-claims` | Enable support for using server-side apply to sync claims with XRs. | -| Alpha | `--enable-usages` | Enable support for Usages. | +| Alpha | `--enable-dependency-version-upgrades` | Enable automatic version upgrades of dependencies when updating packages. | +| Alpha | `--enable-dependency-version-downgrades` | Enable automatic version downgrades of dependencies when updating packages. | +| Alpha | `--enable-signature-verification` | Enable support for package signature verification via ImageConfig API. | +| Alpha | `--enable-function-response-cache` | Enable support for caching composition function responses. | {{< /table >}} {{< /expand >}} @@ -268,9 +282,7 @@ args='{"--enable-composition-functions","--enable-composition-webhook-schema-val #### Change the default package registry -Beginning with Crossplane version 1.20.0 Crossplane uses the -[crossplane-contrib](https://github.com/orgs/crossplane-contrib/packages) GitHub -Container Registry at `xpkg.crossplane.io` by default for downloading and +Beginning with Crossplane version 1.20.0 Crossplane uses the [crossplane-contrib](https://github.com/orgs/crossplane-contrib/packages) GitHub Container Registry at `xpkg.crossplane.io` by default for downloading and installing packages. Change the default registry location during the Crossplane install with @@ -327,4 +339,4 @@ Community Crossplane distribution. The CNCF certified third-party distributions as "[conformant](https://github.com/cncf/crossplane-conformance)" with the -Community Crossplane distribution. \ No newline at end of file +Community Crossplane distribution. diff --git a/content/v1.17/software/uninstall.md b/content/v1.20/software/uninstall.md similarity index 99% rename from content/v1.17/software/uninstall.md rename to content/v1.20/software/uninstall.md index 77a28cd5..0bb4b895 100644 --- a/content/v1.17/software/uninstall.md +++ b/content/v1.20/software/uninstall.md @@ -135,7 +135,7 @@ List the installed _providers_ with `kubectl get providers`. ```shell {copy-lines="1"} kubectl get providers NAME INSTALLED HEALTHY PACKAGE AGE -crossplane-contrib-provider-aws True True xpkg.crossplane.io/crossplane-contrib/provider-aws:v1.21.1 8h +crossplane-contrib-provider-aws True True xpkg.crossplane.io/crossplane-contrib/provider-aws:v1.21.1 8h ``` Remove the installed _providers_ with `kubectl delete provider`. diff --git a/content/v1.17/software/upgrade.md b/content/v1.20/software/upgrade.md similarity index 100% rename from content/v1.17/software/upgrade.md rename to content/v1.20/software/upgrade.md diff --git a/netlify_build.sh b/netlify_build.sh index 288f9644..b4219c20 100644 --- a/netlify_build.sh +++ b/netlify_build.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash # Which which version is the "Latest"? -LATEST_VER="1.19" +LATEST_VER="1.20" # Make a copy of /content/$LATEST_VER to the directory /latest # Search indexing only points to /latest, this prevents broken or out of date