crossplane
/
docs
mirror of https://github.com/crossplane/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #935 from jbw976/release-1.20 

Docs release v1.20
This commit is contained in:
Jared Watts 2025-05-21 13:36:44 +01:00 committed by GitHub
parent 38b311182c aac85ef750
commit 404bdecbfc
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
71 changed files with 2902 additions and 2900 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.github/ISSUE_TEMPLATE/new_release.md vendored
View File

@ -7,8 +7,9 @@ labels: release
- [ ] Update the `$LATEST_VER` parameter in [netlify_build.sh](https://github.com/crossplane/docs/blob/master/netlify_build.sh#L3)
- [ ] Update `params.latest` in [config.yaml](https://github.com/crossplane/docs/blob/master/config.yaml#L93)
- [ ] Copy Crossplane [cluster/crds](https://github.com/crossplane/crossplane/tree/main/cluster/crds) contents to `/content/master/api/crds`
- [ ] Copy `/content/master` directory to `/content/<new latest>`
- [ ] Update `version` in the `_index.md` file of `/content/<new latest>` from `master` to the correct version.
- [ ] Copy Crossplane [cluster/crds](https://github.com/crossplane/crossplane/tree/main/cluster/crds) contents to `/content/<new latest>/api/crds`.
- [ ] Create a [new release/tag](https://github.com/crossplane/docs/releases/new) named "v<EOL version>-archive" to snapshot EOL'd docs.
- [ ] Create a [new release/tag](https://github.com/crossplane/docs/releases/new) named `v<EOL version>-archive` to snapshot EOL'd docs.
- [ ] Remove EOL'd docs version from "/content" directory and run `hugo` locally to check for broken links.
- [ ] Trigger [Algolia Crawler](https://crawler.algolia.com/) after publishing to reindex results.

2
config.yaml
View File

@ -90,7 +90,7 @@ security:
# Global parameters accessible by any Page
params:
# The current "latest" version. Used in the version dropdown
latest: "1.19"
latest: "1.20"
docs: true
anchors:
# Generate heading anchors for any heading between min and max

100
content/v1.17/api/crds/pkg.crossplane.io_locks.yaml
View File

@ -1,100 +0,0 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: locks.pkg.crossplane.io
spec:
group: pkg.crossplane.io
names:
kind: Lock
listKind: LockList
plural: locks
singular: lock
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: Lock is the CRD type that tracks package dependencies.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
packages:
items:
description: LockPackage is a package that is in the lock.
properties:
dependencies:
description: |-
Dependencies are the list of dependencies of this package. The order of
the dependencies will dictate the order in which they are resolved.
items:
description: A Dependency is a dependency of a package in the
lock.
properties:
constraints:
description: |-
Constraints is a valid semver range, which will be used to select a valid
dependency version.
type: string
package:
description: Package is the OCI image name without a tag or
digest.
type: string
type:
description: Type is the type of package. Can be either Configuration
or Provider.
type: string
required:
- constraints
- package
- type
type: object
type: array
name:
description: Name corresponds to the name of the package revision
for this package.
type: string
source:
description: Source is the OCI image name without a tag or digest.
type: string
type:
description: Type is the type of package. Can be either Configuration
or Provider.
type: string
version:
description: Version is the tag or digest of the OCI image.
type: string
required:
- dependencies
- name
- source
- type
- version
type: object
type: array
type: object
served: true
storage: true
subresources:
status: {}

414
content/v1.17/concepts/environment-configs.md
View File

@ -1,414 +0,0 @@
---
title: Environment Configurations
weight: 75
state: alpha
alphaVersion: "1.11"
description: "Environment Configurations or EnvironmentConfigs are an in-memory datastore used in Compositions"
---
<!--
TODO: Add Policies
-->
A Crossplane EnvironmentConfig is a cluster scoped
[ConfigMap](https://kubernetes.io/docs/concepts/configuration/configmap/)-like
resource used by Compositions. Compositions can use the environment to store
information from individual resources or to apply patches.
Crossplane supports multiple EnvironmentConfigs, each acting as a unique
data store.
When Crossplane creates a composite resource, Crossplane merges all the
EnvironmentConfigs referenced in the associated Composition and creates a unique
in-memory environment for that composite resource.
The composite resource can read and write data to their unique
in-memory environment.
{{<hint "important" >}}
The in-memory environment is unique to each composite resource.
A composite resource can't read data in another composite resource's
environment.
{{< /hint >}}
## Enable EnvironmentConfigs
EnvironmentConfigs are an alpha feature. Alpha features aren't enabled by
default.
Enable EnvironmentConfig support by
[changing the Crossplane pod setting]({{<ref "./pods#change-pod-settings">}})
and enabling
{{<hover label="deployment" line="12">}}--enable-environment-configs{{</hover>}}
argument.
```yaml {label="deployment",copy-lines="12"}
$ kubectl edit deployment crossplane --namespace crossplane-system
apiVersion: apps/v1
kind: Deployment
spec:
# Removed for brevity
template:
spec:
containers:
- args:
- core
- start
- --enable-environment-configs
```
{{<hint "tip" >}}
The [Crossplane install guide]({{<ref "../software/install#feature-flags">}})
describes enabling feature flags like
{{<hover label="deployment" line="12">}}--enable-environment-configs{{</hover>}}
with Helm.
{{< /hint >}}
<!-- vale Google.Headings = NO -->
## Create an EnvironmentConfig
<!-- vale Google.Headings = YES -->
An {{<hover label="env1" line="2">}}EnvironmentConfig{{</hover>}} has a single
object field,
{{<hover label="env1" line="5">}}data{{</hover>}}.
An EnvironmentConfig supports any data inside the
{{<hover label="env1" line="5">}}data{{</hover>}} field.
Here an example
{{<hover label="env1" line="2">}}EnvironmentConfig{{</hover>}}.
```yaml {label="env1"}
apiVersion: apiextensions.crossplane.io/v1alpha1
kind: EnvironmentConfig
metadata:
name: example-environment
data:
locations:
us: us-east-2
eu: eu-north-1
key1: value1
key2: value2
key3:
- item1
- item2
```
<!-- vale Google.Headings = NO -->
## Select an EnvironmentConfig
<!-- vale Google.Headings = YES -->
Select the EnvironmentConfigs to use
inside a Composition's
{{<hover label="comp" line="6">}}environment{{</hover>}} field.
The {{<hover label="comp" line="7">}}environmentConfigs{{</hover>}} field is a
list of environments this Composition can use.
Select an environment by
{{<hover label="comp" line="8">}}Reference{{</hover>}} or
by
{{<hover label="comp" line="11">}}Selector{{</hover>}}.
A
{{<hover label="comp" line="8">}}Reference{{</hover>}}
selects an environment by
{{<hover label="comp" line="10">}}name{{</hover>}}.
The
{{<hover label="comp" line="11">}}Selector{{</hover>}} selects an environment
based on the
{{<hover label="comp" line="13">}}Labels{{</hover>}} applied to the environment.
```yaml {label="comp",copy-lines="none"}
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: example-composition
spec:
environment:
environmentConfigs:
- type: Reference
ref:
name: example-environment
- type: Selector
selector:
matchLabels:
# Removed for brevity
```
If a Composition uses multiple
{{<hover label="comp" line="7">}}environmentConfigs{{</hover>}}
Crossplane merges them together in the order they're listed.
{{<hint "note" >}}
If multiple
{{<hover label="comp" line="7">}}environmentConfigs{{</hover>}}
use the same key, the Composition uses the value of the last environment listed.
{{</hint >}}
### Select by name
Select an environment by name with
{{<hover label="byName" line="8">}}type: Reference{{</hover>}}.
Define the
{{<hover label="byName" line="9">}}ref{{</hover>}} object and the
{{<hover label="byName" line="10">}}name{{</hover>}} matching the exact name of
the environment.
For example, select the
{{<hover label="byName" line="7">}}environmentConfig{{</hover>}}
named
{{<hover label="byName" line="10">}}example-environment{{</hover>}}
```yaml {label="byName",copy-lines="all"}
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: example-composition
spec:
environment:
environmentConfigs:
- type: Reference
ref:
name: example-environment
```
### Select by label
Select an environment by labels with a
{{<hover label="byLabel" line="8">}}type: Selector{{</hover>}}.
Define the {{<hover label="byLabel" line="9">}}selector{{</hover>}} object.
The
{{<hover label="byLabel" line="10">}}matchLabels{{</hover>}} object contains a
list of labels to match on.
Selecting a label requires matching both the label
{{<hover label="byLabel" line="11">}}key{{</hover>}}
and the value of key.
When matching the label's value, provide an exact value with a
{{<hover label="byLabel" line="12">}}type: Value{{</hover>}} and provide the value
to match in the
{{<hover label="byLabel" line="13">}}value{{</hover>}} field.
Crossplane can also match a label's value based on an input in the composite
resource. Use
{{<hover label="byLabel" line="15">}}type: FromCompositeFieldPath{{</hover>}}
and provide the field to match in the
{{<hover label="byLabel" line="16">}}valueFromFieldPath{{</hover>}} field.
```yaml {label="byLabel",copy-lines="all"}
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: example-composition
spec:
environment:
environmentConfigs:
- type: Selector
selector:
matchLabels:
- key: my-label-key
type: Value
value: my-label-value
- key: my-label-key
type: FromCompositeFieldPath
valueFromFieldPath: spec.parameters.deploy
# Removed for brevity
```
#### Manage selector results
Selecting environments by labels may return more than one environment.
The Composition sorts all the results by the name of the environments and
only uses the first environment in the sorted list.
Set the {{<hover label="selectResults" line="10">}}mode{{</hover>}} as
{{<hover label="selectResults" line="10">}}mode: Multiple{{</hover>}} to return
all matched environments. Use
{{<hover label="selectResults" line="19">}}mode: Single{{</hover>}} to
return a single environment.
{{<hint "note" >}}
Sorting and the selection
{{<hover label="selectResults" line="10">}}mode{{</hover>}}
only applies to a single
{{<hover label="selectResults" line="8">}}type: Selector{{</hover>}}.
This doesn't change how Compositions merge multiple
{{<hover label="selectResults" line="7">}}environmentConfigs{{</hover>}}.
{{< /hint >}}
```yaml {label="selectResults"}
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: example-composition
spec:
environment:
environmentConfigs:
- type: Selector
selector:
mode: Multiple
matchLabels:
- key: my-label-key
type: Value
value: my-label-value
- key: my-label-key
type: FromCompositeFieldPath
valueFromFieldPath: spec.parameters.deploy
- type: Selector
selector:
mode: Single
matchLabels:
- key: my-other-label-key
type: Value
value: my-other-label-value
- key: my-other-label-key
type: FromCompositeFieldPath
valueFromFieldPath: spec.parameters.deploy
```
When using
{{<hover label="maxMatch" line="10">}}mode: Multiple{{</hover>}} limit the
number of returned environments with
{{<hover label="maxMatch" line="11">}}maxMatch{{</hover>}} and define the
maximum number of environments returned.
Use `minMatch` and define the minimum
number of environments returned.
The Composition sorts the returned environments alphabetically by name. Sort the
environments on a different field with
{{<hover label="maxMatch" line="12">}}sortByFieldPath{{</hover>}} and define
the field to sort by.
```yaml {label="maxMatch"}
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: example-composition
spec:
environment:
environmentConfigs:
- type: Selector
selector:
mode: Multiple
maxMatch: 4
sortByFieldPath: metadata.annotations[sort.by/weight]
matchLabels:
- key: my-label-key
type: Value
value: my-label-value
- key: my-label-key
type: FromCompositeFieldPath
valueFromFieldPath: spec.parameters.deploy
```
The environments selected by
{{<hover label="maxMatch" line="18">}}matchLabels{{</hover>}} are then merged
into any other environments listed in the
{{<hover label="maxMatch" line="7">}}environmentConfigs{{</hover>}}.
#### Optional selector labels
By default, Crossplane issues an error if a
{{<hover label="byLabelOptional" line="16">}}valueFromFieldPath{{</hover>}}
field doesn't exist in the composite resource.
Add
{{<hover label="byLabelOptional" line="17">}}fromFieldPathPolicy{{</hover>}}
as {{<hover label="byLabelOptional" line="17">}}Optional{{</hover>}}
to ignore a field if it doesn't exist.
```yaml {label="byLabelOptional",copy-lines="all"}
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: example-composition
spec:
environment:
environmentConfigs:
- type: Selector
selector:
matchLabels:
- key: my-first-label-key
type: Value
value: my-first-label-value
- key: my-second-label-key
type: FromCompositeFieldPath
valueFromFieldPath: spec.parameters.deploy
fromFieldPathPolicy: Optional
# Removed for brevity
```
Set a default value for an optional label by setting the default
{{<hover label="byLabelOptionalDefault" line="15">}}value{{</hover>}} for the
{{<hover label="byLabelOptionalDefault" line="14">}}key{{</hover>}} first, then
define the
{{<hover label="byLabelOptionalDefault" line="20">}}Optional{{</hover>}} label.
For example, this Composition defines
{{<hover label="byLabelOptionalDefault" line="16">}}value: my-default-value{{</hover>}}
for the key {{<hover label="byLabelOptionalDefault" line="14">}}my-second-label-key{{</hover>}}.
If the label
{{<hover label="byLabelOptionalDefault" line="17">}}my-second-label-key{{</hover>}}
exists, Crossplane uses the value from the label instead.
```yaml {label="byLabelOptionalDefault",copy-lines="all"}
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: example-composition
spec:
environment:
environmentConfigs:
- type: Selector
selector:
matchLabels:
- key: my-first-label-key
type: Value
value: my-label-value
- key: my-second-label-key
type: Value
value: my-default-value
- key: my-second-label-key
type: FromCompositeFieldPath
valueFromFieldPath: spec.parameters.deploy
fromFieldPathPolicy: Optional
# Removed for brevity
```
{{<hint "warning" >}}
Crossplane applies values in order. The value of the last key defined always takes precedence.
Defining the default value _after_ the label always overwrites the label
value.
{{< /hint >}}
## Use EnvironmentConfigs in a Composition
When Crossplane creates or updates a composite resource, it merges all the
specified EnvironmentConfigs into an in-memory environment.
Crossplane sends the merged, in-memory environment to the composition function
pipeline using the
[pipeline context]({{<ref "./compositions#function-pipeline-context">}}).
It writes the environment to the `apiextensions.crossplane.io/environment`
context key.
Some composition functions can read the environment from the pipeline context
and use it to compose resources.
{{<hint "tip" >}}
The Patch and Transform function can use the environment to patch composed
resources. Read about EnvironmentConfig patch types in the
[Patch and Transform function documentation]({{<ref "../guides/function-patch-and-transform">}}).
{{< /hint >}}

86
content/v1.17/concepts/image-configs.md
View File

@ -1,86 +0,0 @@
---
title: Image Configs
weight: 400
description: "Image Configs is an API for centralized control of the configuration of Crossplane package images."
---
<!-- vale write-good.Passive = NO -->
`ImageConfig` is an API for centralized control over the configuration of
Crossplane package images. It allows you to configure package manager behavior
for images globally, without needing to be referenced by other objects.
## Configuring a pull secret
You can use `ImageConfig` to inject a pull secret into the Crossplane package
manager registry client whenever it interacts with the registry, such as for
dependency resolution or image pulls.
In the following example, the `ImageConfig` resource named `acme-packages` is
configured to inject the pull secret named `acme-registry-credentials` whenever
it needs to interact with the registry for images with the prefix
`registry1.com/acme-co/`.
```yaml
apiVersion: pkg.crossplane.io/v1beta1
kind: ImageConfig
metadata:
name: acme-packages
spec:
matchImages:
- type: Prefix
prefix: registry1.com/acme-co/
registry:
authentication:
pullSecretRef:
name: acme-registry-credentials
```
`spec.registry.authentication.pullSecretRef` is a reference to the pull secret
that should be injected into the registry client. The secret must be of type
`kubernetes.io/dockerconfigjson` and must be in the Crossplane installation
namespace, typically `crossplane-system`. One can create the secret using the
following command:
```shell
kubectl -n crossplane-system create secret docker-registry acme-registry-credentials --docker-server=registry1.com --docker-username=<user> --docker-password=<password>
```
### Matching image references
`spec.matchImages` is a list of image references that the `ImageConfig` applies
to. Each item in the list specifies the type and configuration of the image
reference to match. The only supported type is `Prefix`, which matches the
prefix of the image reference. No wildcards are supported. The `type` defaults
to `Prefix` and can be omitted.
When there are multiple `ImageConfigs` matching an image reference, the one
with the longest matching prefix is selected. If there are multiple
`ImageConfigs` with the same longest matching prefix, one of them is selected
arbitrarily. Please note that this situation occurs only if there are
overlapping prefixes in the `matchImages` lists of different `ImageConfig`
resources, which should be avoided.
### Debugging
When the package manager selects an `ImageConfig` for a package, it throws an
event with the reason `ImageConfigSelection` and the name of the selected
`ImageConfig` and injected pull secret. You can find these events both on the
package and package revision resources.
For example, the following event indicates that the `ImageConfig` named
`acme-packages` was selected for the configuration named `acme-configuration-foo`:
```shell
$ kubectl describe configuration acme-configuration-foo
...
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ImageConfigSelection 45s packages/configuration.pkg.crossplane.io Selected pullSecret "acme-registry-credentials" from ImageConfig "acme-packages" for registry authentication
```
If you can't find the expected event, ensure the prefix of the image reference
matches the `matchImages` list of any `ImageConfig` resources in the cluster.
<!-- vale write-good.Passive = YES -->

2
content/v1.17/_index.md → content/v1.20/_index.md
View File

@ -2,7 +2,7 @@
title: "Overview"
weight: -1
cascade:
version: "1.17"
version: "1.20"
---
{{< img src="/media/banner.png" alt="Crossplane Popsicle Truck" size="large" >}}

0
content/v1.17/api/_index.md → content/v1.20/api/_index.md
View File

9
content/v1.17/api/crds/apiextensions.crossplane.io_compositeresourcedefinitions.yaml → content/v1.20/api/crds/apiextensions.crossplane.io_compositeresourcedefinitions.yaml
View File

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
name: compositeresourcedefinitions.apiextensions.crossplane.io
spec:
group: apiextensions.crossplane.io
@ -36,7 +36,6 @@ spec:
A CompositeResourceDefinition defines the schema for a new custom Kubernetes
API.
Read the Crossplane documentation for
[more information about CustomResourceDefinitions](https://docs.crossplane.io/latest/concepts/composite-resource-definitions).
properties:
@ -155,7 +154,6 @@ spec:
service is a reference to the service for this webhook. Either
service or url must be specified.
If the webhook is running within the cluster, then you should use `service`.
properties:
name:
@ -189,29 +187,24 @@ spec:
(`scheme://host:port/path`). Exactly one of `url` or `service`
must be specified.
The `host` should not refer to a service running in the cluster; use
the `service` field instead. The host might be resolved via external
DNS in some apiservers (e.g., `kube-apiserver` cannot resolve
in-cluster DNS as that would be a layering violation). `host` may
also be an IP address.
Please note that using `localhost` or `127.0.0.1` as a `host` is
risky unless you take great care to run this webhook on all hosts
which run an apiserver which might need to make calls to this
webhook. Such installs are likely to be non-portable, i.e., not easy
to turn up in a new cluster.
The scheme must be "https"; the URL must begin with "https://".
A path is optional, and if present may be any string permissible in
a URL. You may use the path to pass an arbitrary string to the
webhook, for example, a cluster identifier.
Attempting to use a user or basic auth e.g. "user:password@" is not
allowed. Fragments ("#...") and query parameters ("?...") are not
allowed, either.

1108
content/v1.17/api/crds/apiextensions.crossplane.io_compositionrevisions.yaml → content/v1.20/api/crds/apiextensions.crossplane.io_compositionrevisions.yaml
View File

File diff suppressed because it is too large Load Diff

544
content/v1.17/api/crds/apiextensions.crossplane.io_compositions.yaml → content/v1.20/api/crds/apiextensions.crossplane.io_compositions.yaml
View File

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
name: compositions.apiextensions.crossplane.io
spec:
group: apiextensions.crossplane.io
@ -35,7 +35,6 @@ spec:
A Composition defines a collection of managed resources or functions that
Crossplane uses to create and manage new composite resources.
Read the Crossplane documentation for
[more information about Compositions](https://docs.crossplane.io/latest/concepts/compositions).
properties:
@ -77,522 +76,19 @@ spec:
x-kubernetes-validations:
- message: Value is immutable
rule: self == oldSelf
environment:
description: |-
Environment configures the environment in which resources are rendered.
THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored
unless the relevant Crossplane feature flag is enabled, and may be
changed or removed without notice.
properties:
defaultData:
additionalProperties:
x-kubernetes-preserve-unknown-fields: true
description: |-
DefaultData statically defines the initial state of the environment.
It has the same schema-less structure as the data field in
environment configs.
It is overwritten by the selected environment configs.
type: object
environmentConfigs:
description: |-
EnvironmentConfigs selects a list of `EnvironmentConfig`s. The resolved
resources are stored in the composite resource at
`spec.environmentConfigRefs` and is only updated if it is null.
The list of references is used to compute an in-memory environment at
compose time. The data of all object is merged in the order they are
listed, meaning the values of EnvironmentConfigs with a larger index take
priority over ones with smaller indices.
The computed environment can be accessed in a composition using
`FromEnvironmentFieldPath` and `CombineFromEnvironment` patches.
items:
description: EnvironmentSource selects a EnvironmentConfig resource.
properties:
ref:
description: |-
Ref is a named reference to a single EnvironmentConfig.
Either Ref or Selector is required.
properties:
name:
description: The name of the object.
type: string
required:
- name
type: object
selector:
description: Selector selects EnvironmentConfig(s) via labels.
properties:
matchLabels:
description: MatchLabels ensures an object with matching
labels is selected.
items:
description: |-
An EnvironmentSourceSelectorLabelMatcher acts like a k8s label selector but
can draw the label value from a different path.
properties:
fromFieldPathPolicy:
default: Required
description: |-
FromFieldPathPolicy specifies the policy for the valueFromFieldPath.
The default is Required, meaning that an error will be returned if the
field is not found in the composite resource.
Optional means that if the field is not found in the composite resource,
that label pair will just be skipped. N.B. other specified label
matchers will still be used to retrieve the desired
environment config, if any.
enum:
- Optional
- Required
type: string
key:
description: Key of the label to match.
type: string
type:
default: FromCompositeFieldPath
description: Type specifies where the value for
a label comes from.
enum:
- FromCompositeFieldPath
- Value
type: string
value:
description: Value specifies a literal label value.
type: string
valueFromFieldPath:
description: ValueFromFieldPath specifies the
field path to look for the label value.
type: string
required:
- key
type: object
type: array
maxMatch:
description: MaxMatch specifies the number of extracted
EnvironmentConfigs in Multiple mode, extracts all
if nil.
format: int64
type: integer
minMatch:
description: MinMatch specifies the required minimum
of extracted EnvironmentConfigs in Multiple mode.
format: int64
type: integer
mode:
default: Single
description: 'Mode specifies retrieval strategy: "Single"
or "Multiple".'
enum:
- Single
- Multiple
type: string
sortByFieldPath:
default: metadata.name
description: SortByFieldPath is the path to the field
based on which list of EnvironmentConfigs is alphabetically
sorted.
type: string
type: object
type:
default: Reference
description: |-
Type specifies the way the EnvironmentConfig is selected.
Default is `Reference`
enum:
- Reference
- Selector
type: string
type: object
type: array
patches:
description: |-
Patches is a list of environment patches that are executed before a
composition's resources are composed.
items:
description: EnvironmentPatch is a patch for a Composition environment.
properties:
combine:
description: |-
Combine is the patch configuration for a CombineFromComposite or
CombineToComposite patch.
properties:
strategy:
description: |-
Strategy defines the strategy to use to combine the input variable values.
Currently only string is supported.
enum:
- string
type: string
string:
description: |-
String declares that input variables should be combined into a single
string, using the relevant settings for formatting purposes.
properties:
fmt:
description: |-
Format the input using a Go format string. See
https://golang.org/pkg/fmt/ for details.
type: string
required:
- fmt
type: object
variables:
description: |-
Variables are the list of variables whose values will be retrieved and
combined.
items:
description: |-
A CombineVariable defines the source of a value that is combined with
others to form and patch an output value. Currently, this only supports
retrieving values from a field path.
properties:
fromFieldPath:
description: |-
FromFieldPath is the path of the field on the source whose value is
to be used as input.
type: string
required:
- fromFieldPath
type: object
minItems: 1
type: array
required:
- strategy
- variables
type: object
fromFieldPath:
description: |-
FromFieldPath is the path of the field on the resource whose value is
to be used as input. Required when type is FromCompositeFieldPath or
ToCompositeFieldPath.
type: string
policy:
description: Policy configures the specifics of patching
behaviour.
properties:
fromFieldPath:
description: |-
FromFieldPath specifies how to patch from a field path. The default is
'Optional', which means the patch will be a no-op if the specified
fromFieldPath does not exist. Use 'Required' if the patch should fail if
the specified path does not exist.
enum:
- Optional
- Required
type: string
mergeOptions:
description: MergeOptions Specifies merge options on
a field path.
properties:
appendSlice:
description: Specifies that already existing elements
in a merged slice should be preserved
type: boolean
keepMapValues:
description: Specifies that already existing values
in a merged map should be preserved
type: boolean
type: object
type: object
toFieldPath:
description: |-
ToFieldPath is the path of the field on the resource whose value will
be changed with the result of transforms. Leave empty if you'd like to
propagate to the same path as fromFieldPath.
type: string
transforms:
description: |-
Transforms are the list of functions that are used as a FIFO pipe for the
input to be transformed.
items:
description: |-
Transform is a unit of process whose input is transformed into an output with
the supplied configuration.
properties:
convert:
description: Convert is used to cast the input into
the given output type.
properties:
format:
description: |-
The expected input format.
* `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity).
Only used during `string -> float64` conversions.
* `json` - parses the input as a JSON string.
Only used during `string -> object` or `string -> list` conversions.
If this property is null, the default conversion is applied.
enum:
- none
- quantity
- json
type: string
toType:
description: ToType is the type of the output
of this transform.
enum:
- string
- int
- int64
- bool
- float64
- object
- array
type: string
required:
- toType
type: object
map:
additionalProperties:
x-kubernetes-preserve-unknown-fields: true
description: Map uses the input as a key in the given
map and returns the value.
type: object
match:
description: Match is a more complex version of Map
that matches a list of patterns.
properties:
fallbackTo:
default: Value
description: Determines to what value the transform
should fallback if no pattern matches.
enum:
- Value
- Input
type: string
fallbackValue:
description: |-
The fallback value that should be returned by the transform if now pattern
matches.
x-kubernetes-preserve-unknown-fields: true
patterns:
description: |-
The patterns that should be tested against the input string.
Patterns are tested in order. The value of the first match is used as
result of this transform.
items:
description: |-
MatchTransformPattern is a transform that returns the value that matches a
pattern.
properties:
literal:
description: |-
Literal exactly matches the input string (case sensitive).
Is required if `type` is `literal`.
type: string
regexp:
description: |-
Regexp to match against the input string.
Is required if `type` is `regexp`.
type: string
result:
description: The value that is used as result
of the transform if the pattern matches.
x-kubernetes-preserve-unknown-fields: true
type:
default: literal
description: |-
Type specifies how the pattern matches the input.
* `literal` - the pattern value has to exactly match (case sensitive) the
input string. This is the default.
* `regexp` - the pattern treated as a regular expression against
which the input string is tested. Crossplane will throw an error if the
key is not a valid regexp.
enum:
- literal
- regexp
type: string
required:
- result
- type
type: object
type: array
type: object
math:
description: |-
Math is used to transform the input via mathematical operations such as
multiplication.
properties:
clampMax:
description: ClampMax makes sure that the value
is not bigger than the given value.
format: int64
type: integer
clampMin:
description: ClampMin makes sure that the value
is not smaller than the given value.
format: int64
type: integer
multiply:
description: Multiply the value.
format: int64
type: integer
type:
default: Multiply
description: Type of the math transform to be
run.
enum:
- Multiply
- ClampMin
- ClampMax
type: string
type: object
string:
description: |-
String is used to transform the input into a string or a different kind
of string. Note that the input does not necessarily need to be a string.
properties:
convert:
description: |-
Optional conversion method to be specified.
`ToUpper` and `ToLower` change the letter case of the input string.
`ToBase64` and `FromBase64` perform a base64 conversion based on the input string.
`ToJson` converts any input value into its raw JSON representation.
`ToSha1`, `ToSha256` and `ToSha512` generate a hash value based on the input
converted to JSON.
`ToAdler32` generate a addler32 hash based on the input string.
enum:
- ToUpper
- ToLower
- ToBase64
- FromBase64
- ToJson
- ToSha1
- ToSha256
- ToSha512
- ToAdler32
type: string
fmt:
description: |-
Format the input using a Go format string. See
https://golang.org/pkg/fmt/ for details.
type: string
join:
description: Join defines parameters to join a
slice of values to a string.
properties:
separator:
description: |-
Separator defines the character that should separate the values from each
other in the joined string.
type: string
required:
- separator
type: object
regexp:
description: Extract a match from the input using
a regular expression.
properties:
group:
description: Group number to match. 0 (the
default) matches the entire expression.
type: integer
match:
description: |-
Match string. May optionally include submatches, aka capture groups.
See https://pkg.go.dev/regexp/ for details.
type: string
required:
- match
type: object
trim:
description: Trim the prefix or suffix from the
input
type: string
type:
default: Format
description: Type of the string transform to be
run.
enum:
- Format
- Convert
- TrimPrefix
- TrimSuffix
- Regexp
- Join
type: string
type: object
type:
description: Type of the transform to be run.
enum:
- map
- match
- math
- string
- convert
type: string
required:
- type
type: object
type: array
type:
default: FromCompositeFieldPath
description: |-
Type sets the patching behaviour to be used. Each patch type may require
its own fields to be set on the Patch object.
enum:
- FromCompositeFieldPath
- ToCompositeFieldPath
- CombineFromComposite
- CombineToComposite
type: string
type: object
type: array
policy:
description: |-
Policy represents the Resolve and Resolution policies which apply to
all EnvironmentSourceReferences in EnvironmentConfigs list.
properties:
resolution:
default: Required
description: |-
Resolution specifies whether resolution of this reference is required.
The default is 'Required', which means the reconcile will fail if the
reference cannot be resolved. 'Optional' means this reference will be
a no-op if it cannot be resolved.
enum:
- Required
- Optional
type: string
resolve:
description: |-
Resolve specifies when this reference should be resolved. The default
is 'IfNotPresent', which will attempt to resolve the reference only when
the corresponding field is not present. Use 'Always' to resolve the
reference on every reconcile.
enum:
- Always
- IfNotPresent
type: string
type: object
type: object
mode:
default: Resources
description: |-
Mode controls what type or "mode" of Composition will be used.
"Pipeline" indicates that a Composition specifies a pipeline of
Composition Functions, each of which is responsible for producing
composed resources that Crossplane should create or update.
"Resources" indicates that a Composition uses what is commonly referred
to as "Patch & Transform" or P&T composition. This mode of Composition
uses an array of resources, each a template for a composed resource.
All Compositions should use Pipeline mode. Resources mode is deprecated.
Resources mode won't be removed in Crossplane 1.x, and will remain the
default to avoid breaking legacy Compositions. However, it's no longer
@ -607,11 +103,9 @@ spec:
resource in this Composition. PatchSets cannot themselves refer to other
PatchSets.
PatchSets are only used by the "Resources" mode of Composition. They
are ignored by other modes.
Deprecated: Use Composition Functions instead.
items:
description: |-
@ -633,8 +127,8 @@ spec:
properties:
combine:
description: |-
Combine is the patch configuration for a CombineFromComposite,
CombineFromEnvironment, CombineToComposite or CombineToEnvironment patch.
Combine is the patch configuration for a CombineFromComposite or
CombineToComposite patch.
properties:
strategy:
description: |-
@ -683,8 +177,8 @@ spec:
fromFieldPath:
description: |-
FromFieldPath is the path of the field on the resource whose value is
to be used as input. Required when type is FromCompositeFieldPath,
FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath.
to be used as input. Required when type is FromCompositeFieldPath or
ToCompositeFieldPath.
type: string
patchSetName:
description: PatchSetName to include patches from. Required
@ -741,13 +235,11 @@ spec:
description: |-
The expected input format.
* `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity).
Only used during `string -> float64` conversions.
* `json` - parses the input as a JSON string.
Only used during `string -> object` or `string -> list` conversions.
If this property is null, the default conversion is applied.
enum:
- none
@ -822,11 +314,9 @@ spec:
description: |-
Type specifies how the pattern matches the input.
* `literal` - the pattern value has to exactly match (case sensitive) the
input string. This is the default.
* `regexp` - the pattern treated as a regular expression against
which the input string is tested. Crossplane will throw an error if the
key is not a valid regexp.
@ -964,14 +454,10 @@ spec:
its own fields to be set on the Patch object.
enum:
- FromCompositeFieldPath
- FromEnvironmentFieldPath
- PatchSet
- ToCompositeFieldPath
- ToEnvironmentFieldPath
- CombineFromEnvironment
- CombineFromComposite
- CombineToComposite
- CombineToEnvironment
type: string
type: object
type: array
@ -986,7 +472,6 @@ spec:
composite resource referring to this composition is created. One of
resources and pipeline must be specified - you cannot specify both.
The Pipeline is only used by the "Pipeline" mode of Composition. It is
ignored by other modes.
items:
@ -1070,7 +555,6 @@ spec:
with which the connection details of composite resources dynamically
provisioned using this composition will be published.
THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored
unless the relevant Crossplane feature flag is enabled, and may be
changed or removed without notice.
@ -1086,11 +570,9 @@ spec:
Resources is a list of resource templates that will be used when a
composite resource referring to this composition is created.
Resources are only used by the "Resources" mode of Composition. They are
ignored by other modes.
Deprecated: Use Composition Functions instead.
items:
description: |-
@ -1173,8 +655,8 @@ spec:
properties:
combine:
description: |-
Combine is the patch configuration for a CombineFromComposite,
CombineFromEnvironment, CombineToComposite or CombineToEnvironment patch.
Combine is the patch configuration for a CombineFromComposite or
CombineToComposite patch.
properties:
strategy:
description: |-
@ -1223,8 +705,8 @@ spec:
fromFieldPath:
description: |-
FromFieldPath is the path of the field on the resource whose value is
to be used as input. Required when type is FromCompositeFieldPath,
FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath.
to be used as input. Required when type is FromCompositeFieldPath or
ToCompositeFieldPath.
type: string
patchSetName:
description: PatchSetName to include patches from. Required
@ -1281,13 +763,11 @@ spec:
description: |-
The expected input format.
* `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity).
Only used during `string -> float64` conversions.
* `json` - parses the input as a JSON string.
Only used during `string -> object` or `string -> list` conversions.
If this property is null, the default conversion is applied.
enum:
- none
@ -1362,11 +842,9 @@ spec:
description: |-
Type specifies how the pattern matches the input.
* `literal` - the pattern value has to exactly match (case sensitive) the
input string. This is the default.
* `regexp` - the pattern treated as a regular expression against
which the input string is tested. Crossplane will throw an error if the
key is not a valid regexp.
@ -1504,14 +982,10 @@ spec:
its own fields to be set on the Patch object.
enum:
- FromCompositeFieldPath
- FromEnvironmentFieldPath
- PatchSet
- ToCompositeFieldPath
- ToEnvironmentFieldPath
- CombineFromEnvironment
- CombineFromComposite
- CombineToComposite
- CombineToEnvironment
type: string
type: object
type: array

43
content/v1.17/api/crds/apiextensions.crossplane.io_environmentconfigs.yaml → content/v1.20/api/crds/apiextensions.crossplane.io_environmentconfigs.yaml
View File

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
name: environmentconfigs.apiextensions.crossplane.io
spec:
group: apiextensions.crossplane.io
@ -29,6 +29,47 @@ spec:
An EnvironmentConfig contains user-defined unstructured values for
use in a Composition.
Read the Crossplane documentation for
[more information about EnvironmentConfigs](https://docs.crossplane.io/latest/concepts/environment-configs).
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
data:
additionalProperties:
x-kubernetes-preserve-unknown-fields: true
description: |-
The data of this EnvironmentConfig.
This may contain any kind of structure that can be serialized into JSON.
type: object
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
type: object
served: true
storage: false
subresources: {}
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: |-
An EnvironmentConfig contains user-defined unstructured values for
use in a Composition.
Read the Crossplane documentation for
[more information about EnvironmentConfigs](https://docs.crossplane.io/latest/concepts/environment-configs).

201
content/v1.17/api/crds/apiextensions.crossplane.io_usages.yaml → content/v1.20/api/crds/apiextensions.crossplane.io_usages.yaml
View File

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
name: usages.apiextensions.crossplane.io
spec:
group: apiextensions.crossplane.io
@ -32,11 +32,9 @@ spec:
description: |-
A Usage defines a deletion blocking relationship between two resources.
Usages prevent accidental deletion of a single resource or deletion of
resources with dependent resources.
Read the Crossplane documentation for
[more information about Compositions](https://docs.crossplane.io/latest/concepts/usages).
properties:
@ -215,3 +213,200 @@ spec:
storage: true
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .metadata.annotations.crossplane\.io/usage-details
name: DETAILS
type: string
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: |-
A Usage defines a deletion blocking relationship between two resources.
Usages prevent accidental deletion of a single resource or deletion of
resources with dependent resources.
Read the Crossplane documentation for
[more information about Compositions](https://docs.crossplane.io/latest/concepts/usages).
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: UsageSpec defines the desired state of Usage.
properties:
by:
description: By is the resource that is "using the other resource".
properties:
apiVersion:
description: API version of the referent.
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
resourceRef:
description: Reference to the resource.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
resourceSelector:
description: |-
Selector to the resource.
This field will be ignored if ResourceRef is set.
properties:
matchControllerRef:
description: |-
MatchControllerRef ensures an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
type: object
x-kubernetes-validations:
- message: either a resource reference or a resource selector should
be set.
rule: has(self.resourceRef) || has(self.resourceSelector)
of:
description: Of is the resource that is "being used".
properties:
apiVersion:
description: API version of the referent.
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
resourceRef:
description: Reference to the resource.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
resourceSelector:
description: |-
Selector to the resource.
This field will be ignored if ResourceRef is set.
properties:
matchControllerRef:
description: |-
MatchControllerRef ensures an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
type: object
x-kubernetes-validations:
- message: either a resource reference or a resource selector should
be set.
rule: has(self.resourceRef) || has(self.resourceSelector)
reason:
description: Reason is the reason for blocking deletion of the resource.
type: string
replayDeletion:
description: ReplayDeletion will trigger a deletion on the used resource
during the deletion of the usage itself, if it was attempted to
be deleted at least once.
type: boolean
required:
- of
type: object
x-kubernetes-validations:
- message: either "spec.by" or "spec.reason" must be specified.
rule: has(self.by) || has(self.reason)
status:
description: UsageStatus defines the observed state of Usage.
properties:
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: |-
LastTransitionTime is the last time this condition transitioned from one
status to another.
format: date-time
type: string
message:
description: |-
A Message containing details about this condition's last transition from
one status to another, if any.
type: string
observedGeneration:
description: |-
ObservedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format: int64
type: integer
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: |-
Type of this condition. At most one of each condition type may apply to
a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
x-kubernetes-list-map-keys:
- type
x-kubernetes-list-type: map
type: object
required:
- spec
type: object
served: true
storage: false
subresources:
status: {}

35
content/v1.17/api/crds/pkg.crossplane.io_configurationrevisions.yaml → content/v1.20/api/crds/pkg.crossplane.io_configurationrevisions.yaml
View File

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
name: configurationrevisions.pkg.crossplane.io
spec:
group: pkg.crossplane.io
@ -46,7 +46,6 @@ spec:
A ConfigurationRevision represents a revision of a Configuration. Crossplane
creates new revisions when there are changes to a Configuration.
Crossplane creates and manages ConfigurationRevision. Don't directly edit
ConfigurationRevisions.
properties:
@ -113,10 +112,13 @@ spec:
referenced object inside the same namespace.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
@ -144,6 +146,27 @@ spec:
description: PackageRevisionStatus represents the observed state of a
PackageRevision.
properties:
appliedImageConfigRefs:
description: |-
AppliedImageConfigRefs records any image configs that were applied in
reconciling this revision, and what they were used for.
items:
description: |-
ImageConfigRef is a reference to an image config that indicates how the
referenced image config was used by the package manager.
properties:
name:
description: Name is the name of the image config.
type: string
reason:
description: Reason indicates what the image config was used
for.
type: string
required:
- name
- reason
type: object
type: array
conditions:
description: Conditions of the resource.
items:
@ -279,6 +302,12 @@ spec:
- verbs
type: object
type: array
resolvedImage:
description: |-
ResolvedPackage is the name of the package that was installed. It may be
different from spec.image if the package path was rewritten using an
image config.
type: string
type: object
type: object
served: true

35
content/v1.17/api/crds/pkg.crossplane.io_configurations.yaml → content/v1.20/api/crds/pkg.crossplane.io_configurations.yaml
View File

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
name: configurations.pkg.crossplane.io
spec:
group: pkg.crossplane.io
@ -38,7 +38,6 @@ spec:
Crossplane with support for new kinds of CompositeResourceDefinitions and
Compositions.
Read the Crossplane documentation for
[more information about Configuration packages](https://docs.crossplane.io/latest/concepts/packages).
properties:
@ -99,10 +98,13 @@ spec:
referenced object inside the same namespace.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
@ -136,6 +138,27 @@ spec:
status:
description: ConfigurationStatus represents the observed state of a Configuration.
properties:
appliedImageConfigRefs:
description: |-
AppliedImageConfigRefs records any image configs that were applied in
reconciling this package, and what they were used for.
items:
description: |-
ImageConfigRef is a reference to an image config that indicates how the
referenced image config was used by the package manager.
properties:
name:
description: Name is the name of the image config.
type: string
reason:
description: Reason indicates what the image config was used
for.
type: string
required:
- name
- reason
type: object
type: array
conditions:
description: Conditions of the resource.
items:
@ -197,6 +220,12 @@ spec:
reflect the most up to date revision, whether it has been activated or
not.
type: string
resolvedPackage:
description: |-
ResolvedPackage is the name of the package that was used for version
resolution. It may be different from spec.package if the package path was
rewritten using an image config.
type: string
type: object
type: object
served: true

211
content/v1.17/api/crds/pkg.crossplane.io_controllerconfigs.yaml → content/v1.20/api/crds/pkg.crossplane.io_controllerconfigs.yaml
View File

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
name: controllerconfigs.pkg.crossplane.io
spec:
group: pkg.crossplane.io
@ -30,7 +30,6 @@ spec:
[DeploymentRuntimeConfig](https://docs.crossplane.io/latest/concepts/providers#runtime-configuration)
instead.
Read the
[Package Runtime Configuration](https://github.com/crossplane/crossplane/blob/11bbe13ea3604928cc4e24e8d0d18f3f5f7e847c/design/one-pager-package-runtime-config.md)
design document for more details.
@ -342,7 +341,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
items:
type: string
type: array
@ -357,7 +356,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
items:
type: string
type: array
@ -523,7 +522,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
items:
type: string
type: array
@ -538,7 +537,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
items:
type: string
type: array
@ -701,7 +700,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
items:
type: string
type: array
@ -716,7 +715,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
items:
type: string
type: array
@ -882,7 +881,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
items:
type: string
type: array
@ -897,7 +896,7 @@ spec:
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
items:
type: string
type: array
@ -1025,10 +1024,13 @@ spec:
description: The key to select.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
optional:
description: Specify whether the ConfigMap or its key
@ -1087,10 +1089,13 @@ spec:
be a valid secret key.
type: string
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
optional:
description: Specify whether the Secret or its key must
@ -1120,10 +1125,13 @@ spec:
description: The ConfigMap to select from
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
optional:
description: Specify whether the ConfigMap must be defined
@ -1138,10 +1146,13 @@ spec:
description: The Secret to select from
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
optional:
description: Specify whether the Secret must be defined
@ -1179,10 +1190,13 @@ spec:
referenced object inside the same namespace.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
@ -1259,12 +1273,10 @@ spec:
Some volume types allow the Kubelet to change the ownership of that volume
to be owned by the pod:
1. The owning GID will be the FSGroup
2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
3. The permission bits are OR'd with rw-rw----
If unset, the Kubelet will not modify the ownership and permissions of any volume.
Note that this field cannot be set when spec.os.name is windows.
format: int64
@ -1351,7 +1363,6 @@ spec:
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
@ -1361,18 +1372,28 @@ spec:
type: object
supplementalGroups:
description: |-
A list of groups applied to the first process run in each container, in addition
to the container's primary GID, the fsGroup (if specified), and group memberships
defined in the container image for the uid of the container process. If unspecified,
no additional groups are added to any container. Note that group memberships
defined in the container image for the uid of the container process are still effective,
even if they are not included in this list.
A list of groups applied to the first process run in each container, in
addition to the container's primary GID and fsGroup (if specified). If
the SupplementalGroupsPolicy feature is enabled, the
supplementalGroupsPolicy field determines whether these are in addition
to or instead of any group memberships defined in the container image.
If unspecified, no additional groups are added, though group memberships
defined in the container image may still be used, depending on the
supplementalGroupsPolicy field.
Note that this field cannot be set when spec.os.name is windows.
items:
format: int64
type: integer
type: array
x-kubernetes-list-type: atomic
supplementalGroupsPolicy:
description: |-
Defines how supplemental groups of the first container processes are calculated.
Valid values are "Merge" and "Strict". If not specified, "Merge" is used.
(Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled
and the container runtime must implement support for this feature.
Note that this field cannot be set when spec.os.name is windows.
type: string
sysctls:
description: |-
Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
@ -1494,11 +1515,9 @@ spec:
Claims lists the names of resources, defined in spec.resourceClaims,
that are used by this container.
This is an alpha field and requires enabling the
DynamicResourceAllocation feature gate.
This field is immutable. It can only be set for containers.
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
@ -1509,6 +1528,12 @@ spec:
the Pod where this field is used. It makes that resource available
inside a container.
type: string
request:
description: |-
Request is the name chosen for a request in the referenced claim.
If empty, everything from the claim is made available, otherwise
only the result of this request.
type: string
required:
- name
type: object
@ -1620,7 +1645,7 @@ spec:
procMount:
description: |-
procMount denotes the type of proc mount to use for the containers.
The default is DefaultProcMount which uses the container runtime defaults for
The default value is Default which uses the container runtime defaults for
readonly paths and masked paths.
This requires the ProcMountType feature flag to be enabled.
Note that this field cannot be set when spec.os.name is windows.
@ -1702,7 +1727,6 @@ spec:
type indicates which kind of seccomp profile will be applied.
Valid options are:
Localhost - a profile defined in a file on the node should be used.
RuntimeDefault - the container runtime default profile should be used.
Unconfined - no profile should be applied.
@ -1832,10 +1856,8 @@ spec:
RecursiveReadOnly specifies whether read-only mounts should be handled
recursively.
If ReadOnly is false, this field has no meaning and must be unspecified.
If ReadOnly is true, and this field is set to Disabled, the mount is not made
recursively read-only. If this field is set to IfPossible, the mount is made
recursively read-only, if it is supported by the container runtime. If this
@ -1843,11 +1865,9 @@ spec:
supported by the container runtime, otherwise the pod will not be started and
an error will be generated to indicate the reason.
If this field is set to IfPossible or Enabled, MountPropagation must be set to
None (or be unspecified, which defaults to None).
If this field is not specified, it is treated as an equivalent of Disabled.
type: string
subPath:
@ -1887,7 +1907,6 @@ spec:
Tip: Ensure that the filesystem type is supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
TODO: how do we prevent errors in the filesystem from compromising the machine
type: string
partition:
description: |-
@ -1927,6 +1946,7 @@ spec:
storage
type: string
fsType:
default: ext4
description: |-
fsType is Filesystem type to mount.
Must be a filesystem type supported by the host operating system.
@ -1939,6 +1959,7 @@ spec:
disk (only in managed availability set). defaults to shared'
type: string
readOnly:
default: false
description: |-
readOnly Defaults to false (read/write). ReadOnly here will force
the ReadOnly setting in VolumeMounts.
@ -2000,10 +2021,13 @@ spec:
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
@ -2039,10 +2063,13 @@ spec:
to OpenStack.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
@ -2108,10 +2135,13 @@ spec:
type: array
x-kubernetes-list-type: atomic
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
optional:
description: optional specify whether the ConfigMap or its
@ -2144,10 +2174,13 @@ spec:
secret object contains more than one secret, all secret references are passed.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
@ -2284,7 +2317,6 @@ spec:
The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,
and deleted when the pod is removed.
Use this if:
a) the volume is only needed while the pod runs,
b) features of normal volumes like restoring from snapshot or capacity
@ -2295,17 +2327,14 @@ spec:
information on the connection between this volume type
and PersistentVolumeClaim).
Use PersistentVolumeClaim or one of the vendor-specific
APIs for volumes that persist for longer than the lifecycle
of an individual pod.
Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to
be used that way - see the documentation of the driver for
more information.
A pod can use both types of ephemeral volumes and
persistent volumes at the same time.
properties:
@ -2319,7 +2348,6 @@ spec:
entry. Pod validation will reject the pod if the concatenated name
is not valid for a PVC (for example, too long).
An existing PVC with that name that is not owned by the pod
will *not* be used for the pod to avoid using an unrelated
volume by mistake. Starting the pod is then blocked until
@ -2329,11 +2357,9 @@ spec:
this should not be necessary, but it may be useful when
manually reconstructing a broken cluster.
This field is read-only and no changes will be made by Kubernetes
to the PVC after it has been created.
Required, must not be nil.
properties:
metadata:
@ -2553,7 +2579,7 @@ spec:
set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
exists.
More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
(Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).
type: string
volumeMode:
description: |-
@ -2579,7 +2605,6 @@ spec:
fsType is the filesystem type to mount.
Must be a filesystem type supported by the host operating system.
Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
TODO: how do we prevent errors in the filesystem from compromising the machine
type: string
lun:
description: 'lun is Optional: FC target lun number'
@ -2641,10 +2666,13 @@ spec:
scripts.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
@ -2678,7 +2706,6 @@ spec:
Tip: Ensure that the filesystem type is supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
TODO: how do we prevent errors in the filesystem from compromising the machine
type: string
partition:
description: |-
@ -2759,9 +2786,6 @@ spec:
used for system agents or other privileged things that are allowed
to see the host machine. Most containers will NOT need this.
More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
---
TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not
mount host directories as read/write.
properties:
path:
description: |-
@ -2778,6 +2802,41 @@ spec:
required:
- path
type: object
image:
description: |-
image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine.
The volume is resolved at pod startup depending on which PullPolicy value is provided:
- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.
- Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.
- IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.
The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation.
A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message.
The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.
The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.
The volume will be mounted read-only (ro) and non-executable files (noexec).
Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath).
The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.
properties:
pullPolicy:
description: |-
Policy for pulling OCI objects. Possible values are:
Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails.
Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present.
IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.
Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
type: string
reference:
description: |-
Required: Image or artifact reference to be used.
Behaves in the same way as pod.spec.containers[*].image.
Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets.
More info: https://kubernetes.io/docs/concepts/containers/images
This field is optional to allow higher level config management to default or override
container images in workload controllers like Deployments and StatefulSets.
type: string
type: object
iscsi:
description: |-
iscsi represents an ISCSI Disk resource that is attached to a
@ -2798,7 +2857,6 @@ spec:
Tip: Ensure that the filesystem type is supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
TODO: how do we prevent errors in the filesystem from compromising the machine
type: string
initiatorName:
description: |-
@ -2810,6 +2868,7 @@ spec:
description: iqn is the target iSCSI Qualified Name.
type: string
iscsiInterface:
default: default
description: |-
iscsiInterface is the interface Name that uses an iSCSI transport.
Defaults to 'default' (tcp).
@ -2836,10 +2895,13 @@ spec:
and initiator authentication
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
@ -2956,24 +3018,24 @@ spec:
format: int32
type: integer
sources:
description: sources is the list of volume projections
description: |-
sources is the list of volume projections. Each entry in this list
handles one source.
items:
description: Projection that may be projected along with
other supported volume types
description: |-
Projection that may be projected along with other supported volume types.
Exactly one of these fields must be set.
properties:
clusterTrustBundle:
description: |-
ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field
of ClusterTrustBundle objects in an auto-updating file.
Alpha, gated by the ClusterTrustBundleProjection feature gate.
ClusterTrustBundle objects can either be selected by name, or by the
combination of signer name and a label selector.
Kubelet performs aggressive normalization of the PEM contents written
into the pod filesystem. Esoteric PEM features such as inter-block
comments and block headers are stripped. Certificates are deduplicated.
@ -3101,10 +3163,13 @@ spec:
type: array
x-kubernetes-list-type: atomic
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
optional:
description: optional specify whether the ConfigMap
@ -3236,10 +3301,13 @@ spec:
type: array
x-kubernetes-list-type: atomic
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
optional:
description: optional field specify whether the
@ -3329,7 +3397,6 @@ spec:
Tip: Ensure that the filesystem type is supported by the host operating system.
Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
TODO: how do we prevent errors in the filesystem from compromising the machine
type: string
image:
description: |-
@ -3337,6 +3404,7 @@ spec:
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
type: string
keyring:
default: /etc/ceph/keyring
description: |-
keyring is the path to key ring for RBDUser.
Default is /etc/ceph/keyring.
@ -3351,6 +3419,7 @@ spec:
type: array
x-kubernetes-list-type: atomic
pool:
default: rbd
description: |-
pool is the rados pool name.
Default is rbd.
@ -3370,14 +3439,18 @@ spec:
More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
user:
default: admin
description: |-
user is the rados user name.
Default is admin.
@ -3392,6 +3465,7 @@ spec:
attached and mounted on Kubernetes nodes.
properties:
fsType:
default: xfs
description: |-
fsType is the filesystem type to mount.
Must be a filesystem type supported by the host operating system.
@ -3417,10 +3491,13 @@ spec:
sensitive information. If this is not provided, Login operation will fail.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
@ -3429,6 +3506,7 @@ spec:
with Gateway, default false
type: boolean
storageMode:
default: ThinProvisioned
description: |-
storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.
Default is ThinProvisioned.
@ -3536,10 +3614,13 @@ spec:
credentials. If not specified, default values will be attempted.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic

373
content/v1.17/api/crds/pkg.crossplane.io_deploymentruntimeconfigs.yaml → content/v1.20/api/crds/pkg.crossplane.io_deploymentruntimeconfigs.yaml
View File

File diff suppressed because it is too large Load Diff

68
content/v1.17/api/crds/pkg.crossplane.io_functionrevisions.yaml → content/v1.20/api/crds/pkg.crossplane.io_functionrevisions.yaml
View File

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
name: functionrevisions.pkg.crossplane.io
spec:
group: pkg.crossplane.io
@ -46,7 +46,6 @@ spec:
A FunctionRevision represents a revision of a Function. Crossplane
creates new revisions when there are changes to the Function.
Crossplane creates and manages FunctionRevisions. Don't directly edit
FunctionRevisions.
properties:
@ -125,10 +124,13 @@ spec:
referenced object inside the same namespace.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
@ -187,6 +189,27 @@ spec:
description: FunctionRevisionStatus represents the observed state of a
FunctionRevision.
properties:
appliedImageConfigRefs:
description: |-
AppliedImageConfigRefs records any image configs that were applied in
reconciling this revision, and what they were used for.
items:
description: |-
ImageConfigRef is a reference to an image config that indicates how the
referenced image config was used by the package manager.
properties:
name:
description: Name is the name of the image config.
type: string
reason:
description: Reason indicates what the image config was used
for.
type: string
required:
- name
- reason
type: object
type: array
conditions:
description: Conditions of the resource.
items:
@ -327,6 +350,12 @@ spec:
- verbs
type: object
type: array
resolvedImage:
description: |-
ResolvedPackage is the name of the package that was installed. It may be
different from spec.image if the package path was rewritten using an
image config.
type: string
type: object
type: object
served: true
@ -362,7 +391,6 @@ spec:
A FunctionRevision represents a revision of a Function. Crossplane
creates new revisions when there are changes to the Function.
Crossplane creates and manages FunctionRevisions. Don't directly edit
FunctionRevisions.
properties:
@ -441,10 +469,13 @@ spec:
referenced object inside the same namespace.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
@ -503,6 +534,27 @@ spec:
description: FunctionRevisionStatus represents the observed state of a
FunctionRevision.
properties:
appliedImageConfigRefs:
description: |-
AppliedImageConfigRefs records any image configs that were applied in
reconciling this revision, and what they were used for.
items:
description: |-
ImageConfigRef is a reference to an image config that indicates how the
referenced image config was used by the package manager.
properties:
name:
description: Name is the name of the image config.
type: string
reason:
description: Reason indicates what the image config was used
for.
type: string
required:
- name
- reason
type: object
type: array
conditions:
description: Conditions of the resource.
items:
@ -643,6 +695,12 @@ spec:
- verbs
type: object
type: array
resolvedImage:
description: |-
ResolvedPackage is the name of the package that was installed. It may be
different from spec.image if the package path was rewritten using an
image config.
type: string
type: object
type: object
served: true

68
content/v1.17/api/crds/pkg.crossplane.io_functions.yaml → content/v1.20/api/crds/pkg.crossplane.io_functions.yaml
View File

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
name: functions.pkg.crossplane.io
spec:
group: pkg.crossplane.io
@ -37,7 +37,6 @@ spec:
A Function installs an OCI compatible Crossplane package, extending
Crossplane with support for a new kind of composition function.
Read the Crossplane documentation for
[more information about Functions](https://docs.crossplane.io/latest/concepts/composition-functions).
properties:
@ -108,10 +107,13 @@ spec:
referenced object inside the same namespace.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
@ -166,6 +168,27 @@ spec:
status:
description: FunctionStatus represents the observed state of a Function.
properties:
appliedImageConfigRefs:
description: |-
AppliedImageConfigRefs records any image configs that were applied in
reconciling this package, and what they were used for.
items:
description: |-
ImageConfigRef is a reference to an image config that indicates how the
referenced image config was used by the package manager.
properties:
name:
description: Name is the name of the image config.
type: string
reason:
description: Reason indicates what the image config was used
for.
type: string
required:
- name
- reason
type: object
type: array
conditions:
description: Conditions of the resource.
items:
@ -227,6 +250,12 @@ spec:
reflect the most up to date revision, whether it has been activated or
not.
type: string
resolvedPackage:
description: |-
ResolvedPackage is the name of the package that was used for version
resolution. It may be different from spec.package if the package path was
rewritten using an image config.
type: string
type: object
type: object
served: true
@ -253,7 +282,6 @@ spec:
A Function installs an OCI compatible Crossplane package, extending
Crossplane with support for a new kind of composition function.
Read the Crossplane documentation for
[more information about Functions](https://docs.crossplane.io/latest/concepts/composition-functions).
properties:
@ -324,10 +352,13 @@ spec:
referenced object inside the same namespace.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
@ -382,6 +413,27 @@ spec:
status:
description: FunctionStatus represents the observed state of a Function.
properties:
appliedImageConfigRefs:
description: |-
AppliedImageConfigRefs records any image configs that were applied in
reconciling this package, and what they were used for.
items:
description: |-
ImageConfigRef is a reference to an image config that indicates how the
referenced image config was used by the package manager.
properties:
name:
description: Name is the name of the image config.
type: string
reason:
description: Reason indicates what the image config was used
for.
type: string
required:
- name
- reason
type: object
type: array
conditions:
description: Conditions of the resource.
items:
@ -443,6 +495,12 @@ spec:
reflect the most up to date revision, whether it has been activated or
not.
type: string
resolvedPackage:
description: |-
ResolvedPackage is the name of the package that was used for version
resolution. It may be different from spec.package if the package path was
rewritten using an image config.
type: string
type: object
type: object
served: true

249
content/v1.20/api/crds/pkg.crossplane.io_imageconfigs.yaml Normal file
View File

@ -0,0 +1,249 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.5
name: imageconfigs.pkg.crossplane.io
spec:
group: pkg.crossplane.io
names:
categories:
- crossplane
kind: ImageConfig
listKind: ImageConfigList
plural: imageconfigs
singular: imageconfig
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: The ImageConfig resource is used to configure settings for package
images.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ImageConfigSpec contains the configuration for matching images.
properties:
matchImages:
description: |-
MatchImages is a list of image matching rules. This ImageConfig will
match an image if any one of these rules is satisfied. In the case where
multiple ImageConfigs match an image for a given purpose the one with the
most specific match will be used. If multiple rules of equal specificity
match an arbitrary one will be selected.
items:
description: ImageMatch defines a rule for matching image.
properties:
prefix:
description: |-
Prefix is the prefix that should be matched. When multiple prefix rules
match an image path, the longest one takes precedence.
type: string
type:
default: Prefix
description: Type is the type of match.
enum:
- Prefix
type: string
required:
- prefix
type: object
type: array
x-kubernetes-validations:
- message: matchImages should have at least one element.
rule: size(self) > 0
registry:
description: Registry is the configuration for the registry.
properties:
authentication:
description: Authentication is the authentication information
for the registry.
properties:
pullSecretRef:
description: |-
PullSecretRef is a reference to a secret that contains the credentials for
the registry.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
type: object
x-kubernetes-map-type: atomic
required:
- pullSecretRef
type: object
type: object
rewriteImage:
description: RewriteImage defines how a matched image's path should
be rewritten.
properties:
prefix:
description: |-
Prefix is the prefix that will replace the portion of the image's path
matched by the prefix in the ImageMatch. If multiple prefixes matched,
the longest one will be replaced.
type: string
required:
- prefix
type: object
verification:
description: Verification contains the configuration for verifying
the image.
properties:
cosign:
description: Cosign is the configuration for verifying the image
using cosign.
properties:
authorities:
description: Authorities defines the rules for discovering
and validating signatures.
items:
description: CosignAuthority defines the rules for discovering
and validating signatures.
properties:
attestations:
description: |-
Attestations is a list of individual attestations for this authority,
once the signature for this authority has been verified.
items:
description: |-
Attestation defines the type of attestation to validate and optionally
apply a policy decision to it. Authority block is used to verify the
specified attestation types, and if Policy is specified, then it's applied
only after the validation of the Attestation signature has been verified.
properties:
name:
description: Name of the attestation.
type: string
predicateType:
description: |-
PredicateType defines which predicate type to verify. Matches cosign
verify-attestation options.
type: string
required:
- name
- predicateType
type: object
type: array
key:
description: Key defines the type of key to validate
the image.
properties:
hashAlgorithm:
default: sha256
description: HashAlgorithm always defaults to sha256
if the algorithm hasn't been explicitly set
type: string
secretRef:
description: SecretRef sets a reference to a secret
with the key.
properties:
key:
description: The key to select.
type: string
name:
description: Name of the secret.
type: string
required:
- key
- name
type: object
required:
- hashAlgorithm
- secretRef
type: object
keyless:
description: |-
Keyless sets the configuration to verify the authority against a Fulcio
instance.
properties:
identities:
description: Identities sets a list of identities.
items:
description: |-
Identity may contain the issuer and/or the subject found in the transparency
log.
Issuer/Subject uses a strict match, while IssuerRegExp and SubjectRegExp
apply a regexp for matching.
properties:
issuer:
description: Issuer defines the issuer for
this identity.
type: string
issuerRegExp:
description: |-
IssuerRegExp specifies a regular expression to match the issuer for this identity.
This has precedence over the Issuer field.
type: string
subject:
description: Subject defines the subject for
this identity.
type: string
subjectRegExp:
description: |-
SubjectRegExp specifies a regular expression to match the subject for this identity.
This has precedence over the Subject field.
type: string
type: object
type: array
insecureIgnoreSCT:
description: InsecureIgnoreSCT omits verifying if
a certificate contains an embedded SCT
type: boolean
required:
- identities
type: object
name:
description: Name is the name for this authority.
type: string
required:
- name
type: object
type: array
required:
- authorities
type: object
provider:
description: Provider is the provider that should be used to verify
the image.
enum:
- Cosign
type: string
required:
- provider
type: object
required:
- matchImages
type: object
type: object
served: true
storage: true
subresources: {}

171
content/v1.20/api/crds/pkg.crossplane.io_locks.yaml Normal file
View File

@ -0,0 +1,171 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.5
name: locks.pkg.crossplane.io
spec:
group: pkg.crossplane.io
names:
kind: Lock
listKind: LockList
plural: locks
singular: lock
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: Lock is the CRD type that tracks package dependencies.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
packages:
items:
description: LockPackage is a package that is in the lock.
properties:
apiVersion:
description: APIVersion of the package.
type: string
dependencies:
description: |-
Dependencies are the list of dependencies of this package. The order of
the dependencies will dictate the order in which they are resolved.
items:
description: A Dependency is a dependency of a package in the
lock.
properties:
apiVersion:
description: APIVersion of the package.
type: string
constraints:
description: |-
Constraints is a valid semver range or a digest, which will be used to select a valid
dependency version.
type: string
kind:
description: Kind of the package (not the kind of the package
revision).
type: string
package:
description: Package is the OCI image name without a tag or
digest.
type: string
type:
description: |-
Type is the type of package. Can be either Configuration or Provider.
Deprecated: Specify an apiVersion and kind instead.
enum:
- Configuration
- Provider
- Function
type: string
required:
- constraints
- package
type: object
type: array
kind:
description: Kind of the package (not the kind of the package revision).
type: string
name:
description: Name corresponds to the name of the package revision
for this package.
type: string
source:
description: Source is the OCI image name without a tag or digest.
type: string
type:
description: |-
Type is the type of package.
Deprecated: Specify an apiVersion and kind instead.
enum:
- Configuration
- Provider
- Function
type: string
version:
description: Version is the tag or digest of the OCI image.
type: string
required:
- dependencies
- name
- source
- version
type: object
type: array
status:
description: Status of the Lock.
properties:
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: |-
LastTransitionTime is the last time this condition transitioned from one
status to another.
format: date-time
type: string
message:
description: |-
A Message containing details about this condition's last transition from
one status to another, if any.
type: string
observedGeneration:
description: |-
ObservedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format: int64
type: integer
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: |-
Type of this condition. At most one of each condition type may apply to
a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
x-kubernetes-list-map-keys:
- type
x-kubernetes-list-type: map
type: object
type: object
served: true
storage: true
subresources:
status: {}

35
content/v1.17/api/crds/pkg.crossplane.io_providerrevisions.yaml → content/v1.20/api/crds/pkg.crossplane.io_providerrevisions.yaml
View File

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
name: providerrevisions.pkg.crossplane.io
spec:
group: pkg.crossplane.io
@ -46,7 +46,6 @@ spec:
A ProviderRevision represents a revision of a Provider. Crossplane
creates new revisions when there are changes to a Provider.
Crossplane creates and manages ProviderRevisions. Don't directly edit
ProviderRevisions.
properties:
@ -125,10 +124,13 @@ spec:
referenced object inside the same namespace.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
@ -187,6 +189,27 @@ spec:
description: PackageRevisionStatus represents the observed state of a
PackageRevision.
properties:
appliedImageConfigRefs:
description: |-
AppliedImageConfigRefs records any image configs that were applied in
reconciling this revision, and what they were used for.
items:
description: |-
ImageConfigRef is a reference to an image config that indicates how the
referenced image config was used by the package manager.
properties:
name:
description: Name is the name of the image config.
type: string
reason:
description: Reason indicates what the image config was used
for.
type: string
required:
- name
- reason
type: object
type: array
conditions:
description: Conditions of the resource.
items:
@ -322,6 +345,12 @@ spec:
- verbs
type: object
type: array
resolvedImage:
description: |-
ResolvedPackage is the name of the package that was installed. It may be
different from spec.image if the package path was rewritten using an
image config.
type: string
type: object
type: object
served: true

35
content/v1.17/api/crds/pkg.crossplane.io_providers.yaml → content/v1.20/api/crds/pkg.crossplane.io_providers.yaml
View File

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
name: providers.pkg.crossplane.io
spec:
group: pkg.crossplane.io
@ -37,7 +37,6 @@ spec:
A Provider installs an OCI compatible Crossplane package, extending
Crossplane with support for new kinds of managed resources.
Read the Crossplane documentation for
[more information about Providers](https://docs.crossplane.io/latest/concepts/providers).
properties:
@ -110,10 +109,13 @@ spec:
referenced object inside the same namespace.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
@ -168,6 +170,27 @@ spec:
status:
description: ProviderStatus represents the observed state of a Provider.
properties:
appliedImageConfigRefs:
description: |-
AppliedImageConfigRefs records any image configs that were applied in
reconciling this package, and what they were used for.
items:
description: |-
ImageConfigRef is a reference to an image config that indicates how the
referenced image config was used by the package manager.
properties:
name:
description: Name is the name of the image config.
type: string
reason:
description: Reason indicates what the image config was used
for.
type: string
required:
- name
- reason
type: object
type: array
conditions:
description: Conditions of the resource.
items:
@ -229,6 +252,12 @@ spec:
reflect the most up to date revision, whether it has been activated or
not.
type: string
resolvedPackage:
description: |-
ResolvedPackage is the name of the package that was used for version
resolution. It may be different from spec.package if the package path was
rewritten using an image config.
type: string
type: object
type: object
served: true

2
content/v1.17/api/crds/secrets.crossplane.io_storeconfigs.yaml → content/v1.20/api/crds/secrets.crossplane.io_storeconfigs.yaml
View File

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.5
name: storeconfigs.secrets.crossplane.io
spec:
group: secrets.crossplane.io

17
content/v1.17/cli/_index.md → content/v1.20/cli/_index.md
View File

@ -62,3 +62,20 @@ For example, to install CLI version `v1.14.0` add `XP_VERSION=v1.14.0` to the
download script curl command:
`curl -sL "https://raw.githubusercontent.com/crossplane/crossplane/main/install.sh" | XP_VERSION=v1.14.0 sh`
## Installing shell autocompletions
The Crossplane CLI supports shell autocompletions for `bash`, `zsh` and `fish`.
You can install the autocompletions with the `completions` command by adding it to
your shell's configuration file.
```shell
source <(crossplane completions)
```
{{<hint "note" >}}
The `completions` command generates the autocompletions for your default shell.
It's not possible to generate autocompletions for a different shell, if you want to
install the autocompletions for a different shell, you have to configure the Crossplane
CLI as the completer manually.
{{< /hint >}}

3
content/v1.17/cli/command-reference.md → content/v1.20/cli/command-reference.md
View File

@ -322,7 +322,7 @@ inside Crossplane.
The `<package-kind>` is either a `configuration`, `function` or `provider`.
For example, to install to the latest version of the
For example, to install the latest version of the
[AWS S3 provider](https://github.com/crossplane-contrib/provider-upjet-aws):
`crossplane xpkg install provider xpkg.crossplane.io/crossplane-contrib/provider-aws-s3:v1.21.1`
@ -902,6 +902,7 @@ A Kubernetes cluster running Crossplane isn't required.
| | `--cache-dir=".crossplane/cache"` | Specify the absolute path to the cache directory to store downloaded schemas. |
| | `--clean-cache` | Clean the cache directory before downloading package schemas. |
| | `--skip-success-results` | Skip printing success results. |
| | `--error-on-missing-schemas` | Return a non zero exit code if any schemas are missing. |
| | `--verbose` | Print verbose logging statements. |
{{< /table >}}

0
content/v1.17/concepts/_index.md → content/v1.20/concepts/_index.md
View File

0
content/v1.17/concepts/claims.md → content/v1.20/concepts/claims.md
View File

0
content/v1.17/concepts/composite-resource-definitions.md → content/v1.20/concepts/composite-resource-definitions.md
View File

0
content/v1.17/concepts/composite-resources.md → content/v1.20/concepts/composite-resources.md
View File

0
content/v1.17/concepts/composition-revisions.md → content/v1.20/concepts/composition-revisions.md
View File

0
content/v1.17/concepts/compositions.md → content/v1.20/concepts/compositions.md
View File

0
content/v1.17/concepts/connection-details.md → content/v1.20/concepts/connection-details.md
View File

500
content/v1.20/concepts/environment-configs.md Normal file
View File

@ -0,0 +1,500 @@
---
title: Environment Configurations
weight: 75
state: beta
alphaVersion: "1.11"
betaVersion: "1.18"
description: "Environment Configurations or EnvironmentConfigs are an in-memory datastore used in Compositions"
---
<!--
TODO: Add Policies
-->
A Crossplane EnvironmentConfig is a cluster-scoped, strongly typed,
[ConfigMap](https://kubernetes.io/docs/concepts/configuration/configmap/)-like
resource used by Compositions. Compositions can use the environment to store
information from individual resources or to apply patches.
Crossplane supports multiple `EnvironmentConfigs`, each acting as a unique
data store.
When Crossplane creates a composite resource, Crossplane merges all the
EnvironmentConfigs referenced in the associated Composition and creates a unique
in-memory environment for that composite resource.
The composite resource can read and write data to their unique
in-memory environment.
{{<hint "important" >}}
The in-memory environment is unique to each composite resource.
A composite resource can't read data in another composite resource's
environment.
{{< /hint >}}
<!-- vale Google.Headings = NO -->
## Create an EnvironmentConfig
<!-- vale Google.Headings = YES -->
An {{<hover label="env1" line="2">}}EnvironmentConfig{{</hover>}} has a single
object field,
{{<hover label="env1" line="5">}}data{{</hover>}}.
An EnvironmentConfig supports any data inside the
{{<hover label="env1" line="5">}}data{{</hover>}} field.
Here an example
{{<hover label="env1" line="2">}}EnvironmentConfig{{</hover>}}.
```yaml {label="env1"}
apiVersion: apiextensions.crossplane.io/v1beta1
kind: EnvironmentConfig
metadata:
name: example-environment
data:
locations:
us: us-east-2
eu: eu-north-1
key1: value1
key2: value2
key3:
- item1
- item2
```
## Access EnvironmentConfigs
`EnvironmentConfigs` can be accessed by [Composition Functions] supporting
[extra-resources], for example [function-environment-configs] or
[function-go-templating].
## Migration from Alpha Composition Environment
Crossplane (`<=v1.17`) natively supported selecting `EnvironmentConfigs`,
merging them into an `in-memory environment` and patching between that,
composed and composite resources. From `v1.18`, this native capability has been
removed, in favor of [Composition Functions].
Users that enabled Alpha Composition Environments
(`--enable-environment-configs`) and leveraged the native functionality
(`spec.environment.patches`, `spec.environment.environmentConfigs` and
`*Environment` patches), will have to migrate to Composition Functions to
continue doing so.
Automated migration to `Pipeline` mode is available through `crossplane beta
convert pipeline-composition`, which will move a composition using `Resource`
mode, to [function-patch-and-transform] and, if needed,
[function-environment-configs].
See the documentation of [function-environment-configs] for more details about manual
migration.
<!-- vale Google.Headings = NO -->
## Select an EnvironmentConfig using function-environment-configs
<!-- vale Google.Headings = YES -->
Select the EnvironmentConfigs to use through [function-environment-configs]'s `Input`.
The `environmentConfigs` field is a list of `EnvironmentConfigs` we want
retrieved, merged and passed to the next step in the pipeline through the
[Context] at a well known key, `apiextensions.crossplane.io/environment`.
Select an environment by `Reference` or by `Selector`:
* A `Reference` selects an `EnvironmentConfig` by name.
* The `Selector` selects an `EnvironmentConfig` by labels.
```yaml {label="comp",copy-lines="none"}
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: example-composition
spec:
mode: Pipeline
pipeline:
- step: environmentConfigs
functionRef:
name: function-environment-configs
input:
apiVersion: environmentconfigs.fn.crossplane.io/v1beta1
kind: Input
spec:
environmentConfigs:
- type: Reference
ref:
name: example-environment
- type: Selector
selector:
matchLabels:
# Removed for brevity
# the environment will be passed to the next function in the pipeline
# as part of the context
# Next step consuming the merged environment removed for brevity...
```
If a Composition uses multiple `EnvironmentConfigs`,
[function-environment-configs] merges them together in the order they're
listed.
### Select by name
Select an `EnvironmentConfig` by name with `type: Reference`.
Define `ref.name` to match the exact name of the environment.
For example, select the `EnvironmentConfig` named `example-environment`:
```yaml {label="byName",copy-lines="all"}
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: example-composition
spec:
mode: Pipeline
pipeline:
- step: environmentConfigs
functionRef:
name: function-environment-configs
input:
apiVersion: environmentconfigs.fn.crossplane.io/v1beta1
kind: Input
spec:
environmentConfigs:
- type: Reference
ref:
name: example-environment
```
### Select by label
Select an `EnvironmentConfig` by labels with a `type: Selector`.
Define `selector.matchLabels` to a list of selectors either of type `Value`, or `FromCompositeFieldPath`.
When matching the label's value, provide an exact value with a
`type: Value` and provide the value to match in the `value` field.
[function-environment-configs] can also match a label's value based on an input
in the composite resource. Use `type: FromCompositeFieldPath` and provide the
field to match in the `valueFromFieldPath` field.
```yaml {label="byLabel",copy-lines="all"}
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: example-composition
spec:
mode: Pipeline
pipeline:
- step: environmentConfigs
functionRef:
name: function-environment-configs
input:
apiVersion: environmentconfigs.fn.crossplane.io/v1beta1
kind: Input
spec:
environmentConfigs:
- type: Selector
selector:
matchLabels:
- key: my-label-key
type: Value
value: my-label-value
- key: my-label-key
type: FromCompositeFieldPath
valueFromFieldPath: spec.parameters.deploy
# Removed for brevity
```
#### Manage selector results
Selecting environments by labels may return more than one environment.
[function-environment-configs], by default, sorts all the results by name and
only uses the first environment in the sorted list.
Set the `selector.mode` to `Multiple` to return all matched EnvironmentConfigs.
Use `mode: Single` to return a single environment, and error out if more than
one match is found.
Sorting and the selection mode only applies to a single `Selector`.
```yaml {label="selectResults"}
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: example-composition
spec:
mode: Pipeline
pipeline:
- step: environmentConfigs
functionRef:
name: function-environment-configs
input:
apiVersion: environmentconfigs.fn.crossplane.io/v1beta1
kind: Input
spec:
environmentConfigs:
- type: Selector
selector:
mode: Multiple
matchLabels:
- key: my-label-key
type: Value
value: my-label-value
- key: my-label-key
type: FromCompositeFieldPath
valueFromFieldPath: spec.parameters.deploy
- type: Selector
selector:
mode: Single
matchLabels:
- key: my-other-label-key
type: Value
value: my-other-label-value
- key: my-other-label-key
type: FromCompositeFieldPath
valueFromFieldPath: spec.parameters.deploy
```
When using `mode: Multiple` limit the number of returned `EnvironmentConfigs`
with `maxMatch` and define the maximum number to select.
Use `minMatch` and define the minimum number of environments returned.
The Function sorts the returned environments alphabetically by name by default.
Sort the environments on a different field with `sortByFieldPath` and define
the field to sort by.
```yaml {label="maxMatch"}
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: example-composition
spec:
mode: Pipeline
pipeline:
- step: environmentConfigs
functionRef:
name: function-environment-configs
input:
apiVersion: environmentconfigs.fn.crossplane.io/v1beta1
kind: Input
spec:
environmentConfigs:
- type: Selector
selector:
mode: Multiple
maxMatch: 4
sortByFieldPath: metadata.annotations[sort.by/weight]
matchLabels:
- key: my-label-key
type: Value
value: my-label-value
- key: my-label-key
type: FromCompositeFieldPath
valueFromFieldPath: spec.parameters.deploy
```
The EnvironmentConfigs selected by `matchLabels` are then merged with all the
other ones specified.
#### Optional selector labels
By default, Crossplane issues an error if the specified `valueFromFieldPath`
field doesn't exist in the composite resource.
Set `fromFieldPathPolicy` to `Optional` to ignore a field if it doesn't exist.
```yaml {label="byLabelOptional",copy-lines="all"}
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: example-composition
spec:
mode: Pipeline
pipeline:
- step: environmentConfigs
functionRef:
name: function-environment-configs
input:
apiVersion: environmentconfigs.fn.crossplane.io/v1beta1
kind: Input
spec:
environmentConfigs:
- type: Selector
selector:
mode: Multiple
maxMatch: 4
sortByFieldPath: metadata.annotations[sort.by/weight]
matchLabels:
- key: my-label-key
type: Value
value: my-label-value
- key: my-label-key
type: FromCompositeFieldPath
valueFromFieldPath: spec.parameters.deploy
fromFieldPathPolicy: Optional
# Removed for brevity
```
Set a default value for an optional label by setting the default `value` for
the `key` first using a `Value` selector, then define the `Optional`
`FromCompositeFieldPath` one.
For example, the Composition below defines `value: my-default-value` for the key
`my-second-label-key`. If the Composite resource defines
`spec.parameters.deploy`, [function-environment-configs] will use that instead.
```yaml {label="byLabelOptionalDefault",copy-lines="all"}
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: example-composition
spec:
mode: Pipeline
pipeline:
- step: environmentConfigs
functionRef:
name: function-environment-configs
input:
apiVersion: environmentconfigs.fn.crossplane.io/v1beta1
kind: Input
spec:
environmentConfigs:
- type: Selector
selector:
matchLabels:
- key: my-first-label-key
type: Value
value: my-label-value
- key: my-second-label-key
type: Value
value: my-default-value
- key: my-second-label-key
type: FromCompositeFieldPath
valueFromFieldPath: spec.parameters.deploy
fromFieldPathPolicy: Optional
# Removed for brevity
```
{{<hint "warning" >}}
[function-environment-configs](https://github.com/crossplane-contrib/function-environment-configs)
applies values in order. The value of the last key defined always takes precedence.
Defining the default value _after_ the label always overwrites the label
value.
{{< /hint >}}
## Patching with EnvironmentConfigs using function-patch-and-transform
`EnvironmentConfigs` selected as explained above, are then merged in an
`in-memory environment` by [function-environment-configs] and passed to the
next function in the pipeline at a well known key,
`apiextensions.crossplane.io/environment`.
[function-patch-and-transform] can be used to read or write data between the in-memory environment and
composite resource or individual composed resources.
{{<hint "tip" >}}
The Patch and Transform function can use the environment to patch composed
resources. Read about EnvironmentConfig patch types in the
[Patch and Transform function documentation]({{<ref "../guides/function-patch-and-transform">}}).
{{< /hint >}}
### Patch between Composite resource and environment
To patch between Composite resource and environment define patches at
`spec.environment.patches` in the `Resources` input of [function-patch-and-transform].
Use the `ToCompositeFieldPath` patch type to copy data from the in-memory
environment to the Composite resource. Use the `FromCompositeFieldPath` to
copy data from the Composite resource to the in-memory environment.
```yaml {label="xrpatch",copy-lines="none"}
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: example-composition
spec:
mode: Pipeline
pipeline:
# Removed for Brevity
- step: patch-and-transform
functionRef:
name: function-patch-and-transform
input:
apiVersion: pt.fn.crossplane.io/v1beta1
kind: Resources
environment:
patches:
- type: ToCompositeFieldPath
fromFieldPath: tags
toFieldPath: metadata.labels[envTag]
- type: FromCompositeFieldPath
fromFieldPath: metadata.name
toFieldPath: newEnvironmentKey
# Removed for Brevity
```
Individual resources can use any data written to the in-memory environment.
`CombineFromComposite` and `CombineToComposite` can be used to combine multiple
values and write the result either to the in-memory environment or the
Composite resource, respectively.
### Patch an individual resource
To patch between individual resources and the in-memory environment, inside the
patches of the resource, use `ToEnvironmentFieldPath` to copy data from the
resource to the in-memory environment. Use `FromEnvironmentFieldPath` to copy
data to the resource from the in-memory environment.
```yaml {label="envpatch",copy-lines="none"}
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
name: example-composition
spec:
mode: Pipeline
pipeline:
# Removed for Brevity
- step: patch-and-transform
functionRef:
name: function-patch-and-transform
input:
apiVersion: pt.fn.crossplane.io/v1beta1
kind: Resources
# Removed for Brevity
resources:
- name: vpc
base:
apiVersion: ec2.aws.upbound.io/v1beta1
kind: VPC
spec:
forProvider:
cidrBlock: 172.16.0.0/16
patches:
- type: ToEnvironmentFieldPath
fromFieldPath: status.atProvider.id
toFieldPath: vpcId
- type: FromEnvironmentFieldPath
fromFieldPath: tags
toFieldPath: spec.forProvider.tags
```
{{<hint "tip" >}}
The [Patch and Transform]({{<ref "../guides/function-patch-and-transform">}}) documentation has more information on patching individual resources.
{{< /hint >}}
[extra-resources]: {{<ref "./compositions">}}
[function-environment-configs]: https://github.com/crossplane-contrib/function-environment-configs
[function-patch-and-transform]: {{<ref "../guides/function-patch-and-transform">}}
[function-go-templating]: https://github.com/crossplane-contrib/function-go-templating
[Composition Functions]: {{<ref "./compositions">}}
[Context]: {{<ref "./compositions/#function-pipeline-context">}}

214
content/v1.20/concepts/image-configs.md Normal file
View File

@ -0,0 +1,214 @@
---
title: Image Configs
weight: 400
description: "Image Configs is an API for centralized control of the configuration of Crossplane package images."
---
<!-- vale write-good.Passive = NO -->
`ImageConfig` is an API for centralized control over the configuration of
Crossplane package images. It allows you to configure package manager behavior
for images globally, without needing to be referenced by other objects.
## Configuring a pull secret
You can use `ImageConfig` to inject a pull secret into the Crossplane package
manager registry client whenever it interacts with the registry, such as for
dependency resolution or image pulls.
In the following example, the `ImageConfig` resource named `acme-packages` is
configured to inject the pull secret named `acme-registry-credentials` whenever
it needs to interact with the registry for images with the prefix
`registry1.com/acme-co/`.
```yaml
apiVersion: pkg.crossplane.io/v1beta1
kind: ImageConfig
metadata:
name: acme-packages
spec:
matchImages:
- type: Prefix
prefix: registry1.com/acme-co/
registry:
authentication:
pullSecretRef:
name: acme-registry-credentials
```
`spec.registry.authentication.pullSecretRef` is a reference to the pull secret
that should be injected into the registry client. The secret must be of type
`kubernetes.io/dockerconfigjson` and must be in the Crossplane installation
namespace, typically `crossplane-system`. One can create the secret using the
following command:
```shell
kubectl -n crossplane-system create secret docker-registry acme-registry-credentials --docker-server=registry1.com --docker-username=<user> --docker-password=<password>
```
### Matching image references
`spec.matchImages` is a list of image references that the `ImageConfig` applies
to. Each item in the list specifies the type and configuration of the image
reference to match. The only supported type is `Prefix`, which matches the
prefix of the image reference. No wildcards are supported. The `type` defaults
to `Prefix` and can be omitted.
When there are multiple `ImageConfigs` matching an image reference, the one
with the longest matching prefix is selected. If there are multiple
`ImageConfigs` with the same longest matching prefix, one of them is selected
arbitrarily. Please note that this situation occurs only if there are
overlapping prefixes in the `matchImages` lists of different `ImageConfig`
resources, which should be avoided.
### Debugging
When the package manager selects an `ImageConfig` for a package, it throws an
event with the reason `ImageConfigSelection` and the name of the selected
`ImageConfig` and injected pull secret. You can find these events both on the
package and package revision resources.
For example, the following event indicates that the `ImageConfig` named
`acme-packages` was selected for the configuration named `acme-configuration-foo`:
```shell
$ kubectl describe configuration acme-configuration-foo
...
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ImageConfigSelection 45s packages/configuration.pkg.crossplane.io Selected pullSecret "acme-registry-credentials" from ImageConfig "acme-packages" for registry authentication
```
If you can't find the expected event, ensure the prefix of the image reference
matches the `matchImages` list of any `ImageConfig` resources in the cluster.
## Configuring signature verification
{{<hint "important" >}}
Signature verification is an alpha feature and needs to be enabled with the
`--enable-signature-verification` feature flag.
{{< /hint >}}
You can use `ImageConfig` to configure signature verification for images. When
signature verification is enabled, the package manager verifies the signature of
each image before pulling it. If the signature isn't valid, the package manager
rejects the package deployment.
In the following example, the `ImageConfig` resource named `verify-acme-packages`
is configured to verify the signature of images with the prefixes
`registry1.com/acme-co/configuration-foo` and
`registry1.com/acme-co/configuration-bar`.
In the example below, the `ImageConfig` resource named `verify-acme-packages` is
set up to verify the signatures of images with the prefixes
`registry1.com/acme-co/configuration-foo` and `registry1.com/acme-co/configuration-bar`.
```yaml
apiVersion: pkg.crossplane.io/v1beta1
kind: ImageConfig
metadata:
name: verify-acme-packages
spec:
matchImages:
- type: Prefix
prefix: registry1.com/acme-co/configuration-foo
- type: Prefix
prefix: registry1.com/acme-co/configuration-bar
verification:
provider: Cosign
cosign:
authorities:
- name: verify acme packages
keyless:
identities:
- issuer: https://token.actions.githubusercontent.com
subject: https://github.com/acme-co/crossplane-packages/.github/workflows/supplychain.yml@refs/heads/main
attestations:
- name: verify attestations
predicateType: spdxjson
```
`spec.verification.provider` specifies the signature verification provider.
The only supported provider is `Cosign`. `spec.verification.cosign` contains the
configuration for the Cosign provider. The `authorities` field contains the
configuration for the authorities that sign the images. The `attestations` field
contains the configuration for verifying the attestations of the images.
The `ImageConfig` API follows the same API shape as [Policy Controller](https://docs.sigstore.dev/policy-controller/overview/)
from [Sigstore](https://docs.sigstore.dev/). Crossplane initially supports a
subset of the Policy Controller configuration options which can be found in the
[API reference](https://docs.crossplane.io/master/api/#ImageConfig-spec-verification-cosign)
for the `ImageConfig` resource together with their descriptions.
When multiple authorities are provided, the package manager verifies the
signature against each authority until it finds a valid one. If any of the
authorities' signatures are valid, the package manager accepts the image.
Similarly, when multiple identities or attestations are provided, the package
manager verifies until it finds a valid match and fails if none of them matches.
Matching the image reference to the `ImageConfig` works similarly to the pull
secret configuration, as described in the previous section.
### Checking the signature verification status
When signature verification is enabled, the respective controller reports the
verification status as a condition of type `Verified` on the package revision
resources. This condition indicates whether the signature verification was
successful, failed, skipped, or incomplete due to an error.
#### Example conditions
**Verification skipped:** The package manager skipped signature verification for
the package revision because there were no matching `ImageConfig` with signature
verification configuration.
```yaml
- lastTransitionTime: "2024-10-23T16:38:51Z"
reason: SignatureVerificationSkipped
status: "True"
type: Verified
```
**Verification successful:** The package manager successfully verified the
signature of the image in the package revision.
```yaml
- lastTransitionTime: "2024-10-23T16:43:05Z"
message: Signature verification succeeded with ImageConfig named "verify-acme-packages"
reason: VerificationSucceeded
status: "True"
type: Verified
```
**Verification failed:** The package manager failed to verify the signature of
the image in the package revision.
```yaml
- lastTransitionTime: "2024-10-23T16:42:44Z"
message: 'Signature verification failed with ImageConfig named "verify-acme-packages":
[signature keyless validation failed for authority verify acme packages
for registry1.com/acme-co/configuration-foo:v0.2.0: no signatures found: ]'
reason: SignatureVerificationFailed
status: "False"
type: Verified
```
**Verification incomplete:** The package manager encountered an error while
verifying the signature of the image in the package revision.
```yaml
- lastTransitionTime: "2024-10-23T16:44:22Z"
message: 'Error occurred during signature verification cannot get image verification
config: cannot get cosign verification config: no data found for key "cosign.pub"
in secret "cosign-public-key"'
reason: SignatureVerificationIncomplete
status: "False"
type: Verified
```
If you can't see this condition on the package revision resource, namely
`ProviderRevision`, `ConfigurationRevision`, or `FunctionRevision`, ensure that
the feature is enabled.
<!-- vale write-good.Passive = YES -->

2
content/v1.17/concepts/managed-resources.md → content/v1.20/concepts/managed-resources.md
View File

@ -35,7 +35,7 @@ Provider also define the available settings of a managed resource.
Each managed resource is a unique API endpoint with their own
group, kind and version.
For example [provider-upjet-aws](https://github.com/crossplane-contrib/provider-upjet-aws)
For example the [AWS Provider](https://github.com/crossplane-contrib/provider-upjet-aws)
defines the {{<hover label="gkv" line="2">}}Instance{{</hover>}} kind from the
group {{<hover label="gkv" line="1">}}ec2.aws.upbound.io{{</hover>}}

69
content/v1.17/concepts/packages.md → content/v1.20/concepts/packages.md
View File

@ -6,7 +6,7 @@ weight: 200
---
A _Configuration_ package is an
[OCI container images](https://opencontainers.org/) containing a collection of
[OCI container image](https://opencontainers.org/) containing a collection of
[Compositions]({{<ref "./compositions" >}}),
[Composite Resource Definitions]({{<ref "./composite-resource-definitions" >}})
and any required [Providers]({{<ref "./providers">}}) or
@ -53,6 +53,20 @@ spec:
package: xpkg.crossplane.io/crossplane-contrib/configuration-quickstart:v0.1.0
```
{{<hint "tip" >}}
Crossplane supports installations with image digests instead of tags to get deterministic
and repeatable installations.
```yaml {label="digest"}
apiVersion: pkg.crossplane.io/v1
kind: Configuration
metadata:
name: configuration-quickstart
spec:
package: xpkg.crossplane.io/crossplane-contrib/configuration-quickstart@sha256:ef9795d146190637351a5c5848e0bab5e0c190fec7780f6c426fbffa0cb68358
```
{{< /hint >}}
Crossplane installs the Compositions, Composite Resource Definitions and
Providers listed in the Configuration.
@ -65,7 +79,7 @@ Use the
{{<hover label="helm" line="5" >}}--set configuration.packages{{</hover >}}
argument with `helm install`.
For example, to install the Getting Started Configuration,
For example, to install the Getting Started configuration,
```shell {label="helm"}
helm install crossplane \
@ -77,7 +91,7 @@ crossplane-stable/crossplane \
### Install offline
Installing Crossplane packages offline requires a local container registry like
Installing Crossplane packages offline requires a local container registry, such as
[Harbor](https://goharbor.io/) to host the packages. Crossplane only
supports installing packages from a container registry.
@ -260,6 +274,47 @@ spec:
# Removed for brevity
```
#### Automatically update dependency versions
Crossplane can automatically upgrade a package's dependency version to the minimum
valid version that satisfies all the constraints. It's an alpha feature that
requires enabling with the `--enable-dependency-version-upgrades` flag.
In some cases, dependency version downgrade is required for proceeding with
installations. Suppose configuration A, which depends on package X with the
constraint`>=v0.0.0`, is installed on the control plane. In this case, the package
manager installs the latest version of package X, such as `v3.0.0`. Later, you decide
to install configuration B, which depends on package X with the constraint `<=v2.0.0`.
Since version `v2.0.0` satisfies both conditions, package X must be downgraded to
allow the installation of configuration B which is disabled by default.
Automatic dependency version downgrades is also an alpha feature that can be
enabled with the `--enable-dependency-version-downgrades` flag. Downgrading a
package can cause unexpected behavior, therefore, this option is disabled by
default. After enabling this option, the package manager will automatically
downgrade a package's dependency version to the maximum valid version that
satisfies the constraints.
{{<hint "note" >}}
This configuration requires the `--enable-dependency-version-upgrades` flag.
Please check the
[configuration options]({{<ref "../software/install#customize-the-crossplane-helm-chart">}})
and
[feature flags]({{<ref "../software/install#feature-flags">}})
are available in the
[Crossplane Install]({{<ref "../software/install">}})
section for more details.
{{</hint >}}
{{<hint "important" >}}
Enabling automatic dependency downgrades may have unintended consequences, such as:
1) CRDs missing in the downgraded version, possibly leaving orphaned MRs without
controllers to reconcile them.
2) Loss of data if downgraded CRD versions omit fields that were set before.
3) Changes in the CRD storage version, which may prevent package version update.
{{</hint >}}
#### Ignore Crossplane version requirements
A Configuration package may require a specific or minimum Crossplane version
@ -338,7 +393,7 @@ Status:
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning LintPackage 29s (x2 over 29s) packages/configurationrevision.pkg.crossplane.io incompatible Crossplane version: package is not compatible with Crossplane version (v1.12.0)
Warning LintPackage 29s (x2 over 29s) packages/configurationrevision.pkg.crossplane.io incompatible Crossplane version: package isn't compatible with Crossplane version (v1.12.0)
```
The {{<hover label="depend" line="18">}}Events{{</hover>}} show a
@ -409,7 +464,9 @@ metadata:
name: test-configuration
spec:
dependsOn:
- provider: xpkg.crossplane.io/crossplane-contrib/provider-aws
- apiVersion: pkg.crossplane.io/v1
kind: Provider
package: xpkg.crossplane.io/crossplane-contrib/provider-aws
version: ">=v0.36.0"
crossplane:
version: ">=v1.12.1-0"
@ -436,7 +493,7 @@ Including YAML files that aren't Compositions or CompositeResourceDefinitions,
including Claims isn't supported.
{{</hint >}}
By default, Crossplane creates an `.xpkg` file of the Configuration name and
By default, Crossplane creates a `.xpkg` file of the Configuration name and
a SHA-256 hash of the package contents.
For example, a {{<hover label="xpkgName" line="2">}}Configuration{{</hover>}}

0
content/v1.17/concepts/pods.md → content/v1.20/concepts/pods.md
View File

55
content/v1.17/concepts/providers.md → content/v1.20/concepts/providers.md
View File

@ -125,6 +125,20 @@ volumes.
Providers support multiple configuration options to change installation related
settings.
{{<hint "tip" >}}
Crossplane supports installations with image digests instead of tags to get deterministic
and repeatable installations.
```yaml {label="digest"}
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
name: provider-aws
spec:
package: xpkg.crossplane.io/crossplane-contrib/provider-aws@sha256:ee6bece46dbb54cc3f0233961f5baac317fa4e4a81b41198bdc72fc472d113d0
```
{{< /hint >}}
#### Provider pull policy
Use a {{<hover label="pullpolicy" line="6">}}packagePullPolicy{{</hover>}} to
@ -283,6 +297,47 @@ spec:
# Removed for brevity
```
#### Automatically update dependency versions
Crossplane can automatically upgrade a package's dependency version to the minimum
valid version that satisfies all the constraints. It's an alpha feature that
requires enabling with the `--enable-dependency-version-upgrades` flag.
In some cases, dependency version downgrade is required for proceeding with
installations. Suppose configuration A, which depends on package X with the
constraint`>=v0.0.0`, is installed on the control plane. In this case, the package
manager installs the latest version of package X, such as `v3.0.0`. Later, you decide
to install configuration B, which depends on package X with the constraint `<=v2.0.0`.
Since version `v2.0.0` satisfies both conditions, package X must be downgraded to
allow the installation of configuration B which is disabled by default.
Automatic dependency version downgrades is also an alpha feature that can be
enabled with the `--enable-dependency-version-downgrades` flag. Downgrading a
package can cause unexpected behavior, therefore, this option is disabled by
default. After enabling this option, the package manager will automatically
downgrade a package's dependency version to the maximum valid version that
satisfies the constraints.
{{<hint "note" >}}
This configuration requires the `--enable-dependency-version-upgrades` flag.
Please check the
[configuration options]({{<ref "../software/install#customize-the-crossplane-helm-chart">}})
and
[feature flags]({{<ref "../software/install#feature-flags">}})
are available in the
[Crossplane Install]({{<ref "../software/install">}})
section for more details.
{{</hint >}}
{{<hint "important" >}}
Enabling automatic dependency downgrades may have unintended consequences, such as:
1) CRDs missing in the downgraded version, possibly leaving orphaned MRs without
controllers to reconcile them.
2) Loss of data if downgraded CRD versions omit fields that were set before.
3) Changes in the CRD storage version, which may prevent package version update.
{{</hint >}}
#### Ignore Crossplane version requirements
A Provider package may require a specific or minimum Crossplane version before

0
content/v1.17/concepts/server-side-apply.md → content/v1.20/concepts/server-side-apply.md
View File

27
content/v1.17/concepts/usages.md → content/v1.20/concepts/usages.md
View File

@ -1,8 +1,9 @@
---
title: Usages
weight: 95
state: alpha
state: beta
alphaVersion: "1.14"
betaVersion: "1.19"
description: "Usage defines a usage relationship for Managed Resources or Composites"
---
@ -19,12 +20,14 @@ first use case and the section [Usage for Deletion Ordering](#usage-for-deletion
for the second one.
## Enable usages
Usages are an alpha feature. Alpha features aren't enabled by default.
<!-- vale write-good.Passive = NO -->
Usages are a beta feature. Beta features are enabled by default.
<!-- vale write-good.Passive = YES -->
Enable `Usage` support by
Disable `Usage` support by
[changing the Crossplane pod setting]({{<ref "./pods#change-pod-settings">}})
and enabling
{{<hover label="deployment" line="12">}}--enable-usages{{</hover>}}
and setting
{{<hover label="deployment" line="12">}}--enable-usages=false{{</hover>}}
argument.
```yaml {label="deployment",copy-lines="12"}
@ -39,7 +42,7 @@ spec:
- args:
- core
- start
- --enable-usages
- --enable-usages=false
```
{{<hint "tip" >}}
@ -85,7 +88,7 @@ any deletion request with the
{{<hover label="protect" line="11">}}reason{{</hover>}} defined.
```yaml {label="protect"}
apiVersion: apiextensions.crossplane.io/v1alpha1
apiVersion: apiextensions.crossplane.io/v1beta1
kind: Usage
metadata:
name: protect-production-database
@ -106,7 +109,7 @@ any deletion request before the deletion of
{{<hover label="order" line="15">}}my-prometheus-chart{{</hover>}} resource.
```yaml {label="order"}
apiVersion: apiextensions.crossplane.io/v1alpha1
apiVersion: apiextensions.crossplane.io/v1beta1
kind: Usage
metadata:
name: release-uses-cluster
@ -132,7 +135,7 @@ This enables using {{<hover label="selectors" line="12">}}labels{{</hover>}} or
to define resource instead of providing the resource name.
```yaml {label="selectors"}
apiVersion: apiextensions.crossplane.io/v1alpha1
apiVersion: apiextensions.crossplane.io/v1beta1
kind: Usage
metadata:
name: release-uses-cluster
@ -166,7 +169,7 @@ random resource is selected from the list of matched resources.
{{< /hint >}}
```yaml {label="selectors-resolved"}
apiVersion: apiextensions.crossplane.io/v1alpha1
apiVersion: apiextensions.crossplane.io/v1beta1
kind: Usage
metadata:
name: release-uses-cluster
@ -197,7 +200,7 @@ Replaying the blocked deletion is possible by setting the
{{<hover label="replay" line="6">}}replayDeletion{{</hover>}} field to `true`.
```yaml {label="replay"}
apiVersion: apiextensions.crossplane.io/v1alpha1
apiVersion: apiextensions.crossplane.io/v1beta1
kind: Usage
metadata:
name: release-uses-cluster
@ -261,7 +264,7 @@ spec:
# Removed for brevity
- name: release-uses-cluster
base:
apiVersion: apiextensions.crossplane.io/v1alpha1
apiVersion: apiextensions.crossplane.io/v1beta1
kind: Usage
spec:
replayDeletion: true

0
content/v1.17/getting-started/_index.md → content/v1.20/getting-started/_index.md
View File

2
content/v1.17/getting-started/install-crossplane-include.md → content/v1.20/getting-started/install-crossplane-include.md
View File

@ -1112,7 +1112,7 @@ kubectl api-resources | grep crossplane
compositeresourcedefinitions xrd,xrds apiextensions.crossplane.io/v1 false CompositeResourceDefinition
compositionrevisions comprev apiextensions.crossplane.io/v1 false CompositionRevision
compositions comp apiextensions.crossplane.io/v1 false Composition
environmentconfigs envcfg apiextensions.crossplane.io/v1alpha1 false EnvironmentConfig
environmentconfigs envcfg apiextensions.crossplane.io/v1beta1 false EnvironmentConfig
usages apiextensions.crossplane.io/v1alpha1 false Usage
configurationrevisions pkg.crossplane.io/v1 false ConfigurationRevision
configurations pkg.crossplane.io/v1 false Configuration

0
content/v1.17/getting-started/introduction.md → content/v1.20/getting-started/introduction.md
View File

0
content/v1.17/getting-started/provider-aws-part-2.md → content/v1.20/getting-started/provider-aws-part-2.md
View File

0
content/v1.17/getting-started/provider-aws.md → content/v1.20/getting-started/provider-aws.md
View File

0
content/v1.17/getting-started/provider-azure-part-2.md → content/v1.20/getting-started/provider-azure-part-2.md
View File

0
content/v1.17/getting-started/provider-azure.md → content/v1.20/getting-started/provider-azure.md
View File

0
content/v1.17/getting-started/provider-gcp-part-2.md → content/v1.20/getting-started/provider-gcp-part-2.md
View File

0
content/v1.17/getting-started/provider-gcp.md → content/v1.20/getting-started/provider-gcp.md
View File

0
content/v1.17/guides/_index.md → content/v1.20/guides/_index.md
View File

271
content/v1.20/guides/change-logs.md Normal file
View File

@ -0,0 +1,271 @@
---
title: Change Logs
weight: 210
description: "Change logs help you audit all changes made to your resources"
state: alpha
alphaVersion: "1.17"
---
The "change logs" feature is designed to help users of Crossplane Providers to
understand what changes a provider is making to the resources it's managing.
Whenever a provider creates, updates, or deletes a managed resource, an entry
explaining the details of the change is recorded in the provider's change log.
Change logs are important for awareness of the changes that a provider is
making to its managed resources. Due to the nature of Crossplane's active
reconciliation, it's possible for a provider to make changes to managed
resources without any user interaction. Consider the scenario when someone
updates a resource outside of Crossplane, for example via the AWS console or
`gcloud` CLI. When Crossplane detects this configuration drift it will
enforce its source of truth to eventually correct this unexpected change
without any user interaction.
With Crossplane acting continuously and autonomously to update critical
infrastructure, it's vital for users to have insight into the operations being
performed, so they can build and maintain a strong sense of confidence and trust
in their control planes. Change logs provide details about all changes the
provider makes, so users can remain aware of any changes, even when they aren't
explicitly expecting any.
{{<hint "tip">}} Change logs help you understand all the changes a provider is
making to your resources, even when changes weren't explicitly requested, for
example as a result of Crossplane's automatic correction of configuration drift.
{{</hint>}}
## Enabling Change Logs
{{<hint "important" >}} Change logs are an alpha feature and must be explicitly
enabled for each provider through the use of a `DeploymentRuntimeConfig`.
{{</hint >}}
To enable change logs for a provider, use a `DeploymentRuntimeConfig` to
configure each provider pod that should start producing change logs. The
`DeploymentRuntimeConfig` has a few important configuration details:
1. A command line argument to the provider container that enables the change
logs feature, for example `--enable-changelogs`.
1. A [side car container](https://github.com/crossplane/changelogs-sidecar) that
collects change events and produces change log entries to the provider's pod
logs.
1. A shared volume mounted to both the provider and sidecar containers that
enables communication of change events between the two containers.
### Prerequisites
This guide assumes you have a control plane with [Crossplane installed]({{<ref "../software/install">}}).
It also assumes you have the [`jq` tool installed](https://jqlang.org/download/),
to perform lightweight querying and filtering of the content in the change logs.
The only other prerequisite for enabling change logs is that the provider must
have added support for the change logs feature. This is optional and not all
providers in the Crossplane ecosystem have added this support yet.
{{<hint "tip">}} Not all providers support the change logs feature. Check with
your provider of choice to confirm it has added support for change logs.
{{</hint>}}
This guide walks through a full example of generating change logs with
[`provider-kubernetes`](https://github.com/crossplane-contrib/provider-kubernetes).
### Create a `DeploymentRuntimeConfig`
Create a `DeploymentRuntimeConfig` that will enable change logs for
the provider when it's installed by performing the necessary configuration
steps:
1. The {{<hover label="drc" line="15">}}--enable-changelogs{{</hover>}} flag is
set on the provider.
1. The {{<hover label="drc" line="19">}}sidecar container{{</hover>}} is added
to the provider pod.
1. A {{<hover label="drc" line="24">}}shared volume{{</hover>}} is declared and
then mounted in the {{<hover label="drc" line="16">}}provider
container{{</hover>}} and the {{<hover label="drc" line="21">}}sidecar
container{{</hover>}}.
```yaml {label="drc",copy-lines="all"}
cat <<EOF | kubectl apply -f -
apiVersion: pkg.crossplane.io/v1beta1
kind: DeploymentRuntimeConfig
metadata:
name: enable-changelogs
spec:
deploymentTemplate:
spec:
selector: {}
template:
spec:
containers:
- name: package-runtime
args:
- --enable-changelogs
volumeMounts:
- name: changelogs-vol
mountPath: /var/run/changelogs
- name: changelogs-sidecar
image: xpkg.crossplane.io/crossplane/changelogs-sidecar:v0.0.1
volumeMounts:
- name: changelogs-vol
mountPath: /var/run/changelogs
volumes:
- name: changelogs-vol
emptyDir: {}
serviceAccountTemplate:
metadata:
name: provider-kubernetes
EOF
```
### Install the provider
Install the {{<hover label="provider" line="7">}}provider{{</hover>}} and
instruct it to use the {{<hover label="provider" line="8">}}DeploymentRuntimeConfig{{</hover>}}
that was just created.
```yaml {label="provider",copy-lines="all"}
cat <<EOF | kubectl apply -f -
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
name: provider-kubernetes
spec:
package: xpkg.crossplane.io/crossplane-contrib/provider-kubernetes:v0.18.0
runtimeConfigRef:
apiVersion: pkg.crossplane.io/v1beta1
kind: DeploymentRuntimeConfig
name: enable-changelogs
EOF
```
### Configure permissions
In order for the provider to create Kubernetes resources within the control
plane, it must be granted the appropriate permissions. This guide only creates a
`ConfigMap`, so only permissions for that resource type are needed.
{{<hint "important">}} This guide grants specific permissions to the provider
for example purposes. This approach isn't intended to be representative of a
production environment. More examples on configuring `provider-kubernetes` can
be found in its [examples directory](https://github.com/crossplane-contrib/provider-kubernetes/tree/main/examples/provider).
{{</hint>}}
```yaml {label="rbac",copy-lines="all"}
cat <<EOF | kubectl apply -f -
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: configmap-edit
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- "*"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: provider-kubernetes-configmap-edit
subjects:
- kind: ServiceAccount
name: provider-kubernetes
namespace: crossplane-system
roleRef:
kind: ClusterRole
name: configmap-edit
apiGroup: rbac.authorization.k8s.io
---
apiVersion: kubernetes.crossplane.io/v1alpha1
kind: ProviderConfig
metadata:
name: default
spec:
credentials:
source: InjectedIdentity
EOF
```
### Create a resource
Now that the provider is installed and configured with change logs enabled,
create a resource that will generate change logs entries reflecting the actions
the control plane is taking.
```yaml {label="provider",copy-lines="all"}
cat <<EOF | kubectl apply -f -
apiVersion: kubernetes.crossplane.io/v1alpha2
kind: Object
metadata:
name: configmap-for-changelogs
spec:
forProvider:
manifest:
apiVersion: v1
kind: ConfigMap
metadata:
namespace: default
name: configmap-for-changelogs
data:
key-1: cool-value-1
EOF
```
### Examine the change logs
Check to see that the resource creation operation was recorded in the change
logs. Examine the pod logs for `provider-kubernetes`, specifically at the
`changelogs-sidecar` container:
```shell {label="changelogs-output-full",copy-lines="1"}
kubectl -n crossplane-system logs -l pkg.crossplane.io/provider=provider-kubernetes -c changelogs-sidecar | jq
{
"timestamp": "2025-04-25T08:23:34Z",
"provider": "provider-kubernetes:v0.18.0",
"apiVersion": "kubernetes.crossplane.io/v1alpha2",
"kind": "Object",
"name": "configmap-for-changelogs",
"externalName": "configmap-for-changelogs",
"operation": "OPERATION_TYPE_CREATE",
"snapshot": {
...(omitted for brevity)...
```
Each change log entry contains rich information about the state of the resource
when the change operation occurred. Since each entry is a structured `JSON`
object, they can be filtered and queried to find any subset of information you
are interested in:
```shell {label="changelogs-output-scoped",copy-lines="1-2"}
kubectl -n crossplane-system logs -l pkg.crossplane.io/provider=provider-kubernetes -c changelogs-sidecar \
| jq '.timestamp + " " + .provider + " " + .kind + " " + .name + " " + .operation'
"2025-04-25T08:23:34Z provider-kubernetes:v0.18.0 Object configmap-for-changelogs OPERATION_TYPE_CREATE"
```
### Full lifecycle operations
In addition to change log entries that record the creation of resources, update
and delete operations will also generate corresponding change log entries.
Update the resource by patching its data field `key-1` with a new value
`cooler-value-2`:
```shell {label="object-patch",copy-lines="1-2"}
kubectl patch object configmap-for-changelogs --type=json \
-p='[{"op": "replace", "path": "/spec/forProvider/manifest/data/key-1", "value": "cooler-value-2"}]'
object.kubernetes.crossplane.io/configmap-for-changelogs patched
```
Then, delete the object entirely:
```shell {label="object-delete",copy-lines="1"}
kubectl delete object configmap-for-changelogs
object.kubernetes.crossplane.io "configmap-for-changelogs" deleted
```
Check the change logs again to verify that both the update and delete operations
were recorded, and the full lifecycle of the object has been captured in the
change logs:
```shell {label="changelogs-output-final",copy-lines="1-2"}
kubectl -n crossplane-system logs -l pkg.crossplane.io/provider=provider-kubernetes -c changelogs-sidecar \
| jq '.timestamp + " " + .provider + " " + .kind + " " + .name + " " + .operation'
"2025-04-25T08:23:34Z provider-kubernetes:v0.18.0 Object configmap-for-changelogs OPERATION_TYPE_CREATE"
"2025-04-25T08:24:21Z provider-kubernetes:v0.18.0 Object configmap-for-changelogs OPERATION_TYPE_UPDATE"
"2025-04-25T08:24:25Z provider-kubernetes:v0.18.0 Object configmap-for-changelogs OPERATION_TYPE_DELETE"
```

0
content/v1.17/guides/crossplane-with-argo-cd.md → content/v1.20/guides/crossplane-with-argo-cd.md
View File

0
content/v1.17/guides/disaster-recovery.md → content/v1.20/guides/disaster-recovery.md
View File

13
content/v1.17/guides/function-patch-and-transform.md → content/v1.20/guides/function-patch-and-transform.md
View File

@ -391,11 +391,6 @@ Labels: crossplane.io/composite=my-example-claim-jp7rx
Crossplane uses EnvironmentConfigs to create in-memory data stores. Compositions
can read and write from this data store as part of the patch process.
{{<hint "important" >}}
EnvironmentConfigs are an alpha feature. Alpha features aren't enabled by
default.
{{< /hint >}}
EnvironmentConfigs can predefine data that Compositions can use or a composite
resource can write data to their in-memory environment for other resources to
read.
@ -619,7 +614,7 @@ spec:
{{< expand "Reference EnvironmentConfig" >}}
```yaml {copy-lines="all"}
apiVersion: apiextensions.crossplane.io/v1alpha1
apiVersion: apiextensions.crossplane.io/v1beta1
kind: EnvironmentConfig
metadata:
name: example-environment
@ -918,8 +913,6 @@ Spec:
<!-- vale Google.Headings = YES -->
{{<hint "important" >}}
EnvironmentConfigs are an alpha feature. They aren't enabled by default.
For more information about using an EnvironmentConfig, read the
[EnvironmentConfigs documentation]({{<ref "../concepts/environment-configs">}}).
{{< /hint >}}
@ -962,8 +955,6 @@ wrote the value to the environment.
<!-- vale Google.Headings = YES -->
{{<hint "important" >}}
EnvironmentConfigs are an alpha feature. They aren't enabled by default.
For more information about using an EnvironmentConfig, read the
[EnvironmentConfigs documentation]({{<ref "../concepts/environment-configs">}}).
{{< /hint >}}
@ -1032,8 +1023,6 @@ Annotations: EnvironmentPatch: value1-value2
<!-- vale Google.Headings = YES -->
{{<hint "important" >}}
EnvironmentConfigs are an alpha feature. They aren't enabled by default.
For more information about using an EnvironmentConfig, read the
[EnvironmentConfigs documentation]({{<ref "../concepts/environment-configs">}}).
{{< /hint >}}

0
content/v1.17/guides/import-existing-resources.md → content/v1.20/guides/import-existing-resources.md
View File

0
content/v1.17/guides/metrics.md → content/v1.20/guides/metrics.md
View File

0
content/v1.17/guides/multi-tenant.md → content/v1.20/guides/multi-tenant.md
View File

0
content/v1.17/guides/self-signed-ca-certs.md → content/v1.20/guides/self-signed-ca-certs.md
View File

1
content/v1.17/guides/troubleshoot-crossplane.md → content/v1.20/guides/troubleshoot-crossplane.md
View File

@ -13,7 +13,6 @@ some Crossplane API has been graduated from alpha to beta or stable and the old
plugin isn't aware of this change.
## Resource Status and Conditions
Most Crossplane resources have a `status` section that can represent the current

0
content/v1.17/guides/vault-as-secret-store.md → content/v1.20/guides/vault-as-secret-store.md
View File

0
content/v1.17/guides/vault-injection.md → content/v1.20/guides/vault-injection.md
View File

0
content/v1.17/guides/write-a-composition-function-in-go.md → content/v1.20/guides/write-a-composition-function-in-go.md
View File

0
content/v1.17/guides/write-a-composition-function-in-python.md → content/v1.20/guides/write-a-composition-function-in-python.md
View File

0
content/v1.17/learn/_index.md → content/v1.20/learn/_index.md
View File

0
content/v1.17/learn/feature-lifecycle.md → content/v1.20/learn/feature-lifecycle.md
View File

0
content/v1.17/learn/release-cycle.md → content/v1.20/learn/release-cycle.md
View File

0
content/v1.17/software/_index.md → content/v1.20/software/_index.md
View File

26
content/v1.17/software/install.md → content/v1.20/software/install.md
View File

@ -132,6 +132,9 @@ Apply customizations with the command line or with a Helm _values_ file.
| `extraVolumeMountsCrossplane` | Add custom `volumeMounts` to the Crossplane pod. | `{}` |
| `extraVolumesCrossplane` | Add custom `volumes` to the Crossplane pod. | `{}` |
| `function.packages` | A list of Function packages to install | `[]` |
| `functionCache.medium` | Set to `Memory` to hold the function cache in a RAM backed file system. Useful for Crossplane development. | `""` |
| `functionCache.pvc` | The name of a PersistentVolumeClaim to use as the function cache. Disables the default function cache `emptyDir` Volume. | `""` |
| `functionCache.sizeLimit` | The size limit for the function cache. If medium is `Memory` the `sizeLimit` can't exceed Node memory. | `"512Mi"` |
| `hostNetwork` | Enable `hostNetwork` for the Crossplane deployment. Caution: enabling `hostNetwork` grants the Crossplane Pod access to the host network namespace. Consider setting `dnsPolicy` to `ClusterFirstWithHostNet`. | `false` |
| `image.pullPolicy` | The image pull policy used for Crossplane and RBAC Manager pods. | `"IfNotPresent"` |
| `image.repository` | Repository for the Crossplane pod image. | `"xpkg.crossplane.io/crossplane/crossplane"` |
@ -139,6 +142,7 @@ Apply customizations with the command line or with a Helm _values_ file.
| `imagePullSecrets` | The imagePullSecret names to add to the Crossplane ServiceAccount. | `[]` |
| `leaderElection` | Enable [leader election](https://docs.crossplane.io/latest/concepts/pods/#leader-election) for the Crossplane pod. | `true` |
| `metrics.enabled` | Enable Prometheus path, port and scrape annotations and expose port 8080 for both the Crossplane and RBAC Manager pods. | `false` |
| `metrics.port` | The port the metrics server listens on. | `""` |
| `nodeSelector` | Add `nodeSelectors` to the Crossplane pod deployment. | `{}` |
| `packageCache.configMap` | The name of a ConfigMap to use as the package cache. Disables the default package cache `emptyDir` Volume. | `""` |
| `packageCache.medium` | Set to `Memory` to hold the package cache in a RAM backed file system. Useful for Crossplane development. | `""` |
@ -154,9 +158,11 @@ Apply customizations with the command line or with a Helm _values_ file.
| `rbacManager.leaderElection` | Enable [leader election](https://docs.crossplane.io/latest/concepts/pods/#leader-election) for the RBAC Manager pod. | `true` |
| `rbacManager.nodeSelector` | Add `nodeSelectors` to the RBAC Manager pod deployment. | `{}` |
| `rbacManager.replicas` | The number of RBAC Manager pod `replicas` to deploy. | `1` |
| `rbacManager.revisionHistoryLimit` | The number of RBAC Manager ReplicaSets to retain. | `nil` |
| `rbacManager.skipAggregatedClusterRoles` | Don't install aggregated Crossplane ClusterRoles. | `false` |
| `rbacManager.tolerations` | Add `tolerations` to the RBAC Manager pod deployment. | `[]` |
| `rbacManager.topologySpreadConstraints` | Add `topologySpreadConstraints` to the RBAC Manager pod deployment. | `[]` |
| `readiness.port` | The port the readyz server listens on. | `""` |
| `registryCaBundleConfig.key` | The ConfigMap key containing a custom CA bundle to enable fetching packages from registries with unknown or untrusted certificates. | `""` |
| `registryCaBundleConfig.name` | The ConfigMap name containing a custom CA bundle to enable fetching packages from registries with unknown or untrusted certificates. | `""` |
| `replicas` | The number of Crossplane pod `replicas` to deploy. | `1` |
@ -168,6 +174,8 @@ Apply customizations with the command line or with a Helm _values_ file.
| `resourcesRBACManager.limits.memory` | Memory resource limits for the RBAC Manager pod. | `"512Mi"` |
| `resourcesRBACManager.requests.cpu` | CPU resource requests for the RBAC Manager pod. | `"100m"` |
| `resourcesRBACManager.requests.memory` | Memory resource requests for the RBAC Manager pod. | `"256Mi"` |
| `revisionHistoryLimit` | The number of Crossplane ReplicaSets to retain. | `nil` |
| `runtimeClassName` | The runtimeClassName name to apply to the Crossplane and RBAC Manager pods. | `""` |
| `securityContextCrossplane.allowPrivilegeEscalation` | Enable `allowPrivilegeEscalation` for the Crossplane pod. | `false` |
| `securityContextCrossplane.readOnlyRootFilesystem` | Set the Crossplane pod root file system as read-only. | `true` |
| `securityContextCrossplane.runAsGroup` | The group ID used by the Crossplane pod. | `65532` |
@ -177,10 +185,13 @@ Apply customizations with the command line or with a Helm _values_ file.
| `securityContextRBACManager.runAsGroup` | The group ID used by the RBAC Manager pod. | `65532` |
| `securityContextRBACManager.runAsUser` | The user ID used by the RBAC Manager pod. | `65532` |
| `service.customAnnotations` | Configure annotations on the service object. Only enabled when webhooks.enabled = true | `{}` |
| `serviceAccount.create` | Specifies whether Crossplane ServiceAccount should be created | `true` |
| `serviceAccount.customAnnotations` | Add custom `annotations` to the Crossplane ServiceAccount. | `{}` |
| `serviceAccount.name` | Provide the name of an already created Crossplane ServiceAccount. Required when `serviceAccount.create` is `false` | `""` |
| `tolerations` | Add `tolerations` to the Crossplane pod deployment. | `[]` |
| `topologySpreadConstraints` | Add `topologySpreadConstraints` to the Crossplane pod deployment. | `[]` |
| `webhooks.enabled` | Enable webhooks for Crossplane and installed Provider packages. | `true` |
| `webhooks.port` | The port the webhook server listens on. | `""` |
{{< /table >}}
{{< /expand >}}
<!-- vale gitlab.Substitutions = YES -->
@ -254,11 +265,14 @@ at the table below.
| --- | --- | --- |
| Beta | `--enable-composition-webhook-schema-validation` | Enable Composition validation using schemas. |
| Beta | `--enable-deployment-runtime-configs` | Enable support for DeploymentRuntimeConfigs. |
| Alpha | `--enable-environment-configs` | Enable support for EnvironmentConfigs. |
| Beta | `--enable-usages` | Enable support for Usages. |
| Beta | `--enable-ssa-claims` | Enable support for using server-side apply to sync claims with XRs. |
| Beta | `--enable-realtime-compositions` | Enable support for real time compositions. |
| Alpha | `--enable-external-secret-stores` | Enable support for External Secret Stores. |
| Alpha | `--enable-realtime-compositions` | Enable support for real time compositions. |
| Alpha | `--enable-ssa-claims` | Enable support for using server-side apply to sync claims with XRs. |
| Alpha | `--enable-usages` | Enable support for Usages. |
| Alpha | `--enable-dependency-version-upgrades` | Enable automatic version upgrades of dependencies when updating packages. |
| Alpha | `--enable-dependency-version-downgrades` | Enable automatic version downgrades of dependencies when updating packages. |
| Alpha | `--enable-signature-verification` | Enable support for package signature verification via ImageConfig API. |
| Alpha | `--enable-function-response-cache` | Enable support for caching composition function responses. |
{{< /table >}}
{{< /expand >}}
@ -268,9 +282,7 @@ args='{"--enable-composition-functions","--enable-composition-webhook-schema-val
#### Change the default package registry
Beginning with Crossplane version 1.20.0 Crossplane uses the
[crossplane-contrib](https://github.com/orgs/crossplane-contrib/packages) GitHub
Container Registry at `xpkg.crossplane.io` by default for downloading and
Beginning with Crossplane version 1.20.0 Crossplane uses the [crossplane-contrib](https://github.com/orgs/crossplane-contrib/packages) GitHub Container Registry at `xpkg.crossplane.io` by default for downloading and
installing packages.
Change the default registry location during the Crossplane install with

2
content/v1.17/software/uninstall.md → content/v1.20/software/uninstall.md
View File

@ -135,7 +135,7 @@ List the installed _providers_ with `kubectl get providers`.
```shell {copy-lines="1"}
kubectl get providers
NAME INSTALLED HEALTHY PACKAGE AGE
crossplane-contrib-provider-aws True True xpkg.crossplane.io/crossplane-contrib/provider-aws:v1.21.1 8h
crossplane-contrib-provider-aws True True xpkg.crossplane.io/crossplane-contrib/provider-aws:v1.21.1 8h
```
Remove the installed _providers_ with `kubectl delete provider`.

0
content/v1.17/software/upgrade.md → content/v1.20/software/upgrade.md
View File

2
netlify_build.sh
View File

@ -1,7 +1,7 @@
#!/usr/bin/env bash
# Which which version is the "Latest"?
LATEST_VER="1.19"
LATEST_VER="1.20"
# Make a copy of /content/$LATEST_VER to the directory /latest
# Search indexing only points to /latest, this prevents broken or out of date