fluxcd
/
source-controller
mirror of https://github.com/fluxcd/source-controller.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

updating controller-gen to v0.14.0 

Signed-off-by: Soule BA <bah.soule@gmail.com>
This commit is contained in:
Soule BA 2024-03-12 12:05:04 +01:00
parent 4dd5b2996b
commit 4163f3f0a1
No known key found for this signature in database
GPG Key ID: 4D40965192802994
9 changed files with 1241 additions and 1004 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@ -38,7 +38,7 @@ FUZZ_TIME ?= 1m
GO_STATIC_FLAGS=-ldflags "-s -w" -tags 'netgo,osusergo,static_build$(addprefix ,,$(GO_TAGS))' GO_STATIC_FLAGS=-ldflags "-s -w" -tags 'netgo,osusergo,static_build$(addprefix ,,$(GO_TAGS))'
# API (doc) generation utilities # API (doc) generation utilities
CONTROLLER_GEN_VERSION ?= v0.12.0 CONTROLLER_GEN_VERSION ?= v0.14.0
GEN_API_REF_DOCS_VERSION ?= e327d0730470cbd61b06300f81c5fcf91c23c113 GEN_API_REF_DOCS_VERSION ?= e327d0730470cbd61b06300f81c5fcf91c23c113
# If gobin not set, create one on ./build and add to path. # If gobin not set, create one on ./build and add to path.

1
api/v1/zz_generated.deepcopy.go
View File

@ -1,5 +1,4 @@
//go:build !ignore_autogenerated //go:build !ignore_autogenerated
// +build !ignore_autogenerated
/* /*
Copyright 2023 The Flux authors Copyright 2023 The Flux authors

1
api/v1beta1/zz_generated.deepcopy.go
View File

@ -1,5 +1,4 @@
//go:build !ignore_autogenerated //go:build !ignore_autogenerated
// +build !ignore_autogenerated
/* /*
Copyright 2023 The Flux authors Copyright 2023 The Flux authors

1
api/v1beta2/zz_generated.deepcopy.go
View File

@ -1,5 +1,4 @@
//go:build !ignore_autogenerated //go:build !ignore_autogenerated
// +build !ignore_autogenerated
/* /*
Copyright 2023 The Flux authors Copyright 2023 The Flux authors

314
config/crd/bases/source.toolkit.fluxcd.io_buckets.yaml
View File

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.12.0 controller-gen.kubebuilder.io/version: v0.14.0
name: buckets.source.toolkit.fluxcd.io name: buckets.source.toolkit.fluxcd.io
spec: spec:
group: source.toolkit.fluxcd.io group: source.toolkit.fluxcd.io
@ -33,14 +33,19 @@ spec:
description: Bucket is the Schema for the buckets API description: Bucket is the Schema for the buckets API
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: |-
of an object. Servers should convert recognized schemas to the latest APIVersion defines the versioned schema of this representation of an object.
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: |-
object represents. Servers may infer this from the endpoint the client Kind is a string value representing the REST resource this object represents.
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string type: string
metadata: metadata:
type: object type: object
@ -53,22 +58,21 @@ spec:
cross-namespace references to this object. cross-namespace references to this object.
properties: properties:
namespaceSelectors: namespaceSelectors:
description: NamespaceSelectors is the list of namespace selectors description: |-
to which this ACL applies. Items in this list are evaluated NamespaceSelectors is the list of namespace selectors to which this ACL applies.
using a logical OR operation. Items in this list are evaluated using a logical OR operation.
items: items:
description: NamespaceSelector selects the namespaces to which description: |-
this ACL applies. An empty map of MatchLabels matches all NamespaceSelector selects the namespaces to which this ACL applies.
namespaces in a cluster. An empty map of MatchLabels matches all namespaces in a cluster.
properties: properties:
matchLabels: matchLabels:
additionalProperties: additionalProperties:
type: string type: string
description: MatchLabels is a map of {key,value} pairs. description: |-
A single {key,value} in the matchLabels map is equivalent MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
to an element of matchExpressions, whose key field is map is equivalent to an element of matchExpressions, whose key field is "key", the
"key", the operator is "In", and the values array contains operator is "In", and the values array contains only "value". The requirements are ANDed.
only "value". The requirements are ANDed.
type: object type: object
type: object type: object
type: array type: array
@ -82,10 +86,10 @@ spec:
description: The bucket endpoint address. description: The bucket endpoint address.
type: string type: string
ignore: ignore:
description: Ignore overrides the set of excluded patterns in the description: |-
.sourceignore format (which is the same as .gitignore). If not provided, Ignore overrides the set of excluded patterns in the .sourceignore format
a default will be used, consult the documentation for your version (which is the same as .gitignore). If not provided, a default will be used,
to find out what those are. consult the documentation for your version to find out what those are.
type: string type: string
insecure: insecure:
description: Insecure allows connecting to a non-TLS S3 HTTP endpoint. description: Insecure allows connecting to a non-TLS S3 HTTP endpoint.
@ -105,7 +109,8 @@ spec:
description: The bucket region. description: The bucket region.
type: string type: string
secretRef: secretRef:
description: The name of the secret containing authentication credentials description: |-
The name of the secret containing authentication credentials
for the Bucket. for the Bucket.
properties: properties:
name: name:
@ -140,17 +145,19 @@ spec:
description: Checksum is the SHA256 checksum of the artifact. description: Checksum is the SHA256 checksum of the artifact.
type: string type: string
lastUpdateTime: lastUpdateTime:
description: LastUpdateTime is the timestamp corresponding to description: |-
the last update of this artifact. LastUpdateTime is the timestamp corresponding to the last update of this
artifact.
format: date-time format: date-time
type: string type: string
path: path:
description: Path is the relative file path of this artifact. description: Path is the relative file path of this artifact.
type: string type: string
revision: revision:
description: Revision is a human readable identifier traceable description: |-
in the origin source system. It can be a Git commit SHA, Git Revision is a human readable identifier traceable in the origin source
tag, a Helm index timestamp, a Helm chart version, etc. system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm
chart version, etc.
type: string type: string
url: url:
description: URL is the HTTP address of this artifact. description: URL is the HTTP address of this artifact.
@ -163,42 +170,42 @@ spec:
description: Conditions holds the conditions for the Bucket. description: Conditions holds the conditions for the Bucket.
items: items:
description: "Condition contains details for one aspect of the current description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct state of this API Resource.\n---\nThis struct is intended for
use as an array at the field path .status.conditions. For example, direct use as an array at the field path .status.conditions. For
\n type FooStatus struct{ // Represents the observations of a example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
foo's current state. // Known .status.conditions.type are: \"Available\", observations of a foo's current state.\n\t // Known .status.conditions.type
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
// +listType=map // +listMapKey=type Conditions []metav1.Condition +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
\ // other fields\n\t}"
properties: properties:
lastTransitionTime: lastTransitionTime:
description: lastTransitionTime is the last time the condition description: |-
transitioned from one status to another. This should be when lastTransitionTime is the last time the condition transitioned from one status to another.
the underlying condition changed. If that is not known, then This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
using the time when the API field changed is acceptable.
format: date-time format: date-time
type: string type: string
message: message:
description: message is a human readable message indicating description: |-
details about the transition. This may be an empty string. message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768 maxLength: 32768
type: string type: string
observedGeneration: observedGeneration:
description: observedGeneration represents the .metadata.generation description: |-
that the condition was set based upon. For instance, if .metadata.generation observedGeneration represents the .metadata.generation that the condition was set based upon.
is currently 12, but the .status.conditions[x].observedGeneration For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
is 9, the condition is out of date with respect to the current with respect to the current state of the instance.
state of the instance.
format: int64 format: int64
minimum: 0 minimum: 0
type: integer type: integer
reason: reason:
description: reason contains a programmatic identifier indicating description: |-
the reason for the condition's last transition. Producers reason contains a programmatic identifier indicating the reason for the condition's last transition.
of specific condition types may define expected values and Producers of specific condition types may define expected values and meanings for this field,
meanings for this field, and whether the values are considered and whether the values are considered a guaranteed API.
a guaranteed API. The value should be a CamelCase string. The value should be a CamelCase string.
This field may not be empty. This field may not be empty.
maxLength: 1024 maxLength: 1024
minLength: 1 minLength: 1
@ -212,11 +219,12 @@ spec:
- Unknown - Unknown
type: string type: string
type: type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. description: |-
--- Many .condition.type values are consistent across resources type of condition in CamelCase or in foo.example.com/CamelCase.
like Available, but because arbitrary conditions can be useful ---
(see .node.status.conditions), the ability to deconflict is Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) useful (see .node.status.conditions), the ability to deconflict is important.
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316 maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string type: string
@ -229,9 +237,10 @@ spec:
type: object type: object
type: array type: array
lastHandledReconcileAt: lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent description: |-
reconcile request value, so a change of the annotation value can LastHandledReconcileAt holds the value of the most recent
be detected. reconcile request value, so a change of the annotation value
can be detected.
type: string type: string
observedGeneration: observedGeneration:
description: ObservedGeneration is the last observed generation. description: ObservedGeneration is the last observed generation.
@ -266,43 +275,49 @@ spec:
description: Bucket is the Schema for the buckets API. description: Bucket is the Schema for the buckets API.
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: |-
of an object. Servers should convert recognized schemas to the latest APIVersion defines the versioned schema of this representation of an object.
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: |-
object represents. Servers may infer this from the endpoint the client Kind is a string value representing the REST resource this object represents.
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string type: string
metadata: metadata:
type: object type: object
spec: spec:
description: BucketSpec specifies the required configuration to produce description: |-
an Artifact for an object storage bucket. BucketSpec specifies the required configuration to produce an Artifact for
an object storage bucket.
properties: properties:
accessFrom: accessFrom:
description: 'AccessFrom specifies an Access Control List for allowing description: |-
cross-namespace references to this object. NOTE: Not implemented, AccessFrom specifies an Access Control List for allowing cross-namespace
provisional as of https://github.com/fluxcd/flux2/pull/2092' references to this object.
NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
properties: properties:
namespaceSelectors: namespaceSelectors:
description: NamespaceSelectors is the list of namespace selectors description: |-
to which this ACL applies. Items in this list are evaluated NamespaceSelectors is the list of namespace selectors to which this ACL applies.
using a logical OR operation. Items in this list are evaluated using a logical OR operation.
items: items:
description: NamespaceSelector selects the namespaces to which description: |-
this ACL applies. An empty map of MatchLabels matches all NamespaceSelector selects the namespaces to which this ACL applies.
namespaces in a cluster. An empty map of MatchLabels matches all namespaces in a cluster.
properties: properties:
matchLabels: matchLabels:
additionalProperties: additionalProperties:
type: string type: string
description: MatchLabels is a map of {key,value} pairs. description: |-
A single {key,value} in the matchLabels map is equivalent MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
to an element of matchExpressions, whose key field is map is equivalent to an element of matchExpressions, whose key field is "key", the
"key", the operator is "In", and the values array contains operator is "In", and the values array contains only "value". The requirements are ANDed.
only "value". The requirements are ANDed.
type: object type: object
type: object type: object
type: array type: array
@ -317,18 +332,19 @@ spec:
is located at. is located at.
type: string type: string
ignore: ignore:
description: Ignore overrides the set of excluded patterns in the description: |-
.sourceignore format (which is the same as .gitignore). If not provided, Ignore overrides the set of excluded patterns in the .sourceignore format
a default will be used, consult the documentation for your version (which is the same as .gitignore). If not provided, a default will be used,
to find out what those are. consult the documentation for your version to find out what those are.
type: string type: string
insecure: insecure:
description: Insecure allows connecting to a non-TLS HTTP Endpoint. description: Insecure allows connecting to a non-TLS HTTP Endpoint.
type: boolean type: boolean
interval: interval:
description: Interval at which the Bucket Endpoint is checked for description: |-
updates. This interval is approximate and may be subject to jitter Interval at which the Bucket Endpoint is checked for updates.
to ensure efficient use of resources. This interval is approximate and may be subject to jitter to ensure
efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string type: string
prefix: prefix:
@ -337,8 +353,10 @@ spec:
type: string type: string
provider: provider:
default: generic default: generic
description: Provider of the object storage bucket. Defaults to 'generic', description: |-
which expects an S3 (API) compatible object storage. Provider of the object storage bucket.
Defaults to 'generic', which expects an S3 (API) compatible object
storage.
enum: enum:
- generic - generic
- aws - aws
@ -350,8 +368,9 @@ spec:
in. in.
type: string type: string
secretRef: secretRef:
description: SecretRef specifies the Secret containing authentication description: |-
credentials for the Bucket. SecretRef specifies the Secret containing authentication credentials
for the Bucket.
properties: properties:
name: name:
description: Name of the referent. description: Name of the referent.
@ -360,8 +379,9 @@ spec:
- name - name
type: object type: object
suspend: suspend:
description: Suspend tells the controller to suspend the reconciliation description: |-
of this Bucket. Suspend tells the controller to suspend the reconciliation of this
Bucket.
type: boolean type: boolean
timeout: timeout:
default: 60s default: 60s
@ -386,8 +406,9 @@ spec:
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string type: string
lastUpdateTime: lastUpdateTime:
description: LastUpdateTime is the timestamp corresponding to description: |-
the last update of the Artifact. LastUpdateTime is the timestamp corresponding to the last update of the
Artifact.
format: date-time format: date-time
type: string type: string
metadata: metadata:
@ -396,24 +417,25 @@ spec:
description: Metadata holds upstream information such as OCI annotations. description: Metadata holds upstream information such as OCI annotations.
type: object type: object
path: path:
description: Path is the relative file path of the Artifact. It description: |-
can be used to locate the file in the root of the Artifact storage Path is the relative file path of the Artifact. It can be used to locate
on the local file system of the controller managing the Source. the file in the root of the Artifact storage on the local file system of
the controller managing the Source.
type: string type: string
revision: revision:
description: Revision is a human-readable identifier traceable description: |-
in the origin source system. It can be a Git commit SHA, Git Revision is a human-readable identifier traceable in the origin source
tag, a Helm chart version, etc. system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
type: string type: string
size: size:
description: Size is the number of bytes in the file. description: Size is the number of bytes in the file.
format: int64 format: int64
type: integer type: integer
url: url:
description: URL is the HTTP address of the Artifact as exposed description: |-
by the controller managing the Source. It can be used to retrieve URL is the HTTP address of the Artifact as exposed by the controller
the Artifact for consumption, e.g. by another controller applying managing the Source. It can be used to retrieve the Artifact for
the Artifact contents. consumption, e.g. by another controller applying the Artifact contents.
type: string type: string
required: required:
- lastUpdateTime - lastUpdateTime
@ -425,42 +447,42 @@ spec:
description: Conditions holds the conditions for the Bucket. description: Conditions holds the conditions for the Bucket.
items: items:
description: "Condition contains details for one aspect of the current description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct state of this API Resource.\n---\nThis struct is intended for
use as an array at the field path .status.conditions. For example, direct use as an array at the field path .status.conditions. For
\n type FooStatus struct{ // Represents the observations of a example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
foo's current state. // Known .status.conditions.type are: \"Available\", observations of a foo's current state.\n\t // Known .status.conditions.type
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
// +listType=map // +listMapKey=type Conditions []metav1.Condition +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
\ // other fields\n\t}"
properties: properties:
lastTransitionTime: lastTransitionTime:
description: lastTransitionTime is the last time the condition description: |-
transitioned from one status to another. This should be when lastTransitionTime is the last time the condition transitioned from one status to another.
the underlying condition changed. If that is not known, then This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
using the time when the API field changed is acceptable.
format: date-time format: date-time
type: string type: string
message: message:
description: message is a human readable message indicating description: |-
details about the transition. This may be an empty string. message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768 maxLength: 32768
type: string type: string
observedGeneration: observedGeneration:
description: observedGeneration represents the .metadata.generation description: |-
that the condition was set based upon. For instance, if .metadata.generation observedGeneration represents the .metadata.generation that the condition was set based upon.
is currently 12, but the .status.conditions[x].observedGeneration For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
is 9, the condition is out of date with respect to the current with respect to the current state of the instance.
state of the instance.
format: int64 format: int64
minimum: 0 minimum: 0
type: integer type: integer
reason: reason:
description: reason contains a programmatic identifier indicating description: |-
the reason for the condition's last transition. Producers reason contains a programmatic identifier indicating the reason for the condition's last transition.
of specific condition types may define expected values and Producers of specific condition types may define expected values and meanings for this field,
meanings for this field, and whether the values are considered and whether the values are considered a guaranteed API.
a guaranteed API. The value should be a CamelCase string. The value should be a CamelCase string.
This field may not be empty. This field may not be empty.
maxLength: 1024 maxLength: 1024
minLength: 1 minLength: 1
@ -474,11 +496,12 @@ spec:
- Unknown - Unknown
type: string type: string
type: type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. description: |-
--- Many .condition.type values are consistent across resources type of condition in CamelCase or in foo.example.com/CamelCase.
like Available, but because arbitrary conditions can be useful ---
(see .node.status.conditions), the ability to deconflict is Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) useful (see .node.status.conditions), the ability to deconflict is important.
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316 maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string type: string
@ -491,9 +514,10 @@ spec:
type: object type: object
type: array type: array
lastHandledReconcileAt: lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent description: |-
reconcile request value, so a change of the annotation value can LastHandledReconcileAt holds the value of the most recent
be detected. reconcile request value, so a change of the annotation value
can be detected.
type: string type: string
observedGeneration: observedGeneration:
description: ObservedGeneration is the last observed generation of description: ObservedGeneration is the last observed generation of
@ -501,13 +525,15 @@ spec:
format: int64 format: int64
type: integer type: integer
observedIgnore: observedIgnore:
description: ObservedIgnore is the observed exclusion patterns used description: |-
for constructing the source artifact. ObservedIgnore is the observed exclusion patterns used for constructing
the source artifact.
type: string type: string
url: url:
description: URL is the dynamic fetch link for the latest Artifact. description: |-
It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact URL is the dynamic fetch link for the latest Artifact.
data is recommended. It is provided on a "best effort" basis, and using the precise
BucketStatus.Artifact data is recommended.
type: string type: string
type: object type: object
type: object type: object

814
config/crd/bases/source.toolkit.fluxcd.io_gitrepositories.yaml
View File

File diff suppressed because it is too large Load Diff

418
config/crd/bases/source.toolkit.fluxcd.io_helmcharts.yaml
View File

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.12.0 controller-gen.kubebuilder.io/version: v0.14.0
name: helmcharts.source.toolkit.fluxcd.io name: helmcharts.source.toolkit.fluxcd.io
spec: spec:
group: source.toolkit.fluxcd.io group: source.toolkit.fluxcd.io
@ -44,14 +44,19 @@ spec:
description: HelmChart is the Schema for the helmcharts API description: HelmChart is the Schema for the helmcharts API
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: |-
of an object. Servers should convert recognized schemas to the latest APIVersion defines the versioned schema of this representation of an object.
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: |-
object represents. Servers may infer this from the endpoint the client Kind is a string value representing the REST resource this object represents.
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string type: string
metadata: metadata:
type: object type: object
@ -63,22 +68,21 @@ spec:
cross-namespace references to this object. cross-namespace references to this object.
properties: properties:
namespaceSelectors: namespaceSelectors:
description: NamespaceSelectors is the list of namespace selectors description: |-
to which this ACL applies. Items in this list are evaluated NamespaceSelectors is the list of namespace selectors to which this ACL applies.
using a logical OR operation. Items in this list are evaluated using a logical OR operation.
items: items:
description: NamespaceSelector selects the namespaces to which description: |-
this ACL applies. An empty map of MatchLabels matches all NamespaceSelector selects the namespaces to which this ACL applies.
namespaces in a cluster. An empty map of MatchLabels matches all namespaces in a cluster.
properties: properties:
matchLabels: matchLabels:
additionalProperties: additionalProperties:
type: string type: string
description: MatchLabels is a map of {key,value} pairs. description: |-
A single {key,value} in the matchLabels map is equivalent MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
to an element of matchExpressions, whose key field is map is equivalent to an element of matchExpressions, whose key field is "key", the
"key", the operator is "In", and the values array contains operator is "In", and the values array contains only "value". The requirements are ANDed.
only "value". The requirements are ANDed.
type: object type: object
type: object type: object
type: array type: array
@ -94,10 +98,11 @@ spec:
type: string type: string
reconcileStrategy: reconcileStrategy:
default: ChartVersion default: ChartVersion
description: Determines what enables the creation of a new artifact. description: |-
Valid values are ('ChartVersion', 'Revision'). See the documentation Determines what enables the creation of a new artifact. Valid values are
of the values for an explanation on their behavior. Defaults to ('ChartVersion', 'Revision').
ChartVersion when omitted. See the documentation of the values for an explanation on their behavior.
Defaults to ChartVersion when omitted.
enum: enum:
- ChartVersion - ChartVersion
- Revision - Revision
@ -109,8 +114,9 @@ spec:
description: APIVersion of the referent. description: APIVersion of the referent.
type: string type: string
kind: kind:
description: Kind of the referent, valid values are ('HelmRepository', description: |-
'GitRepository', 'Bucket'). Kind of the referent, valid values are ('HelmRepository', 'GitRepository',
'Bucket').
enum: enum:
- HelmRepository - HelmRepository
- GitRepository - GitRepository
@ -128,24 +134,26 @@ spec:
of this source. of this source.
type: boolean type: boolean
valuesFile: valuesFile:
description: Alternative values file to use as the default chart values, description: |-
expected to be a relative path in the SourceRef. Deprecated in favor Alternative values file to use as the default chart values, expected to
of ValuesFiles, for backwards compatibility the file defined here be a relative path in the SourceRef. Deprecated in favor of ValuesFiles,
is merged before the ValuesFiles items. Ignored when omitted. for backwards compatibility the file defined here is merged before the
ValuesFiles items. Ignored when omitted.
type: string type: string
valuesFiles: valuesFiles:
description: Alternative list of values files to use as the chart description: |-
values (values.yaml is not included by default), expected to be Alternative list of values files to use as the chart values (values.yaml
a relative path in the SourceRef. Values files are merged in the is not included by default), expected to be a relative path in the SourceRef.
order of this list with the last file overriding the first. Ignored Values files are merged in the order of this list with the last file overriding
when omitted. the first. Ignored when omitted.
items: items:
type: string type: string
type: array type: array
version: version:
default: '*' default: '*'
description: The chart version semver expression, ignored for charts description: |-
from GitRepository and Bucket sources. Defaults to latest when omitted. The chart version semver expression, ignored for charts from GitRepository
and Bucket sources. Defaults to latest when omitted.
type: string type: string
required: required:
- chart - chart
@ -165,17 +173,19 @@ spec:
description: Checksum is the SHA256 checksum of the artifact. description: Checksum is the SHA256 checksum of the artifact.
type: string type: string
lastUpdateTime: lastUpdateTime:
description: LastUpdateTime is the timestamp corresponding to description: |-
the last update of this artifact. LastUpdateTime is the timestamp corresponding to the last update of this
artifact.
format: date-time format: date-time
type: string type: string
path: path:
description: Path is the relative file path of this artifact. description: Path is the relative file path of this artifact.
type: string type: string
revision: revision:
description: Revision is a human readable identifier traceable description: |-
in the origin source system. It can be a Git commit SHA, Git Revision is a human readable identifier traceable in the origin source
tag, a Helm index timestamp, a Helm chart version, etc. system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm
chart version, etc.
type: string type: string
url: url:
description: URL is the HTTP address of this artifact. description: URL is the HTTP address of this artifact.
@ -188,42 +198,42 @@ spec:
description: Conditions holds the conditions for the HelmChart. description: Conditions holds the conditions for the HelmChart.
items: items:
description: "Condition contains details for one aspect of the current description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct state of this API Resource.\n---\nThis struct is intended for
use as an array at the field path .status.conditions. For example, direct use as an array at the field path .status.conditions. For
\n type FooStatus struct{ // Represents the observations of a example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
foo's current state. // Known .status.conditions.type are: \"Available\", observations of a foo's current state.\n\t // Known .status.conditions.type
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
// +listType=map // +listMapKey=type Conditions []metav1.Condition +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
\ // other fields\n\t}"
properties: properties:
lastTransitionTime: lastTransitionTime:
description: lastTransitionTime is the last time the condition description: |-
transitioned from one status to another. This should be when lastTransitionTime is the last time the condition transitioned from one status to another.
the underlying condition changed. If that is not known, then This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
using the time when the API field changed is acceptable.
format: date-time format: date-time
type: string type: string
message: message:
description: message is a human readable message indicating description: |-
details about the transition. This may be an empty string. message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768 maxLength: 32768
type: string type: string
observedGeneration: observedGeneration:
description: observedGeneration represents the .metadata.generation description: |-
that the condition was set based upon. For instance, if .metadata.generation observedGeneration represents the .metadata.generation that the condition was set based upon.
is currently 12, but the .status.conditions[x].observedGeneration For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
is 9, the condition is out of date with respect to the current with respect to the current state of the instance.
state of the instance.
format: int64 format: int64
minimum: 0 minimum: 0
type: integer type: integer
reason: reason:
description: reason contains a programmatic identifier indicating description: |-
the reason for the condition's last transition. Producers reason contains a programmatic identifier indicating the reason for the condition's last transition.
of specific condition types may define expected values and Producers of specific condition types may define expected values and meanings for this field,
meanings for this field, and whether the values are considered and whether the values are considered a guaranteed API.
a guaranteed API. The value should be a CamelCase string. The value should be a CamelCase string.
This field may not be empty. This field may not be empty.
maxLength: 1024 maxLength: 1024
minLength: 1 minLength: 1
@ -237,11 +247,12 @@ spec:
- Unknown - Unknown
type: string type: string
type: type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. description: |-
--- Many .condition.type values are consistent across resources type of condition in CamelCase or in foo.example.com/CamelCase.
like Available, but because arbitrary conditions can be useful ---
(see .node.status.conditions), the ability to deconflict is Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) useful (see .node.status.conditions), the ability to deconflict is important.
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316 maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string type: string
@ -254,9 +265,10 @@ spec:
type: object type: object
type: array type: array
lastHandledReconcileAt: lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent description: |-
reconcile request value, so a change of the annotation value can LastHandledReconcileAt holds the value of the most recent
be detected. reconcile request value, so a change of the annotation value
can be detected.
type: string type: string
observedGeneration: observedGeneration:
description: ObservedGeneration is the last observed generation. description: ObservedGeneration is the last observed generation.
@ -299,14 +311,19 @@ spec:
description: HelmChart is the Schema for the helmcharts API. description: HelmChart is the Schema for the helmcharts API.
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: |-
of an object. Servers should convert recognized schemas to the latest APIVersion defines the versioned schema of this representation of an object.
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: |-
object represents. Servers may infer this from the endpoint the client Kind is a string value representing the REST resource this object represents.
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string type: string
metadata: metadata:
type: object type: object
@ -314,27 +331,27 @@ spec:
description: HelmChartSpec specifies the desired state of a Helm chart. description: HelmChartSpec specifies the desired state of a Helm chart.
properties: properties:
accessFrom: accessFrom:
description: 'AccessFrom specifies an Access Control List for allowing description: |-
cross-namespace references to this object. NOTE: Not implemented, AccessFrom specifies an Access Control List for allowing cross-namespace
provisional as of https://github.com/fluxcd/flux2/pull/2092' references to this object.
NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
properties: properties:
namespaceSelectors: namespaceSelectors:
description: NamespaceSelectors is the list of namespace selectors description: |-
to which this ACL applies. Items in this list are evaluated NamespaceSelectors is the list of namespace selectors to which this ACL applies.
using a logical OR operation. Items in this list are evaluated using a logical OR operation.
items: items:
description: NamespaceSelector selects the namespaces to which description: |-
this ACL applies. An empty map of MatchLabels matches all NamespaceSelector selects the namespaces to which this ACL applies.
namespaces in a cluster. An empty map of MatchLabels matches all namespaces in a cluster.
properties: properties:
matchLabels: matchLabels:
additionalProperties: additionalProperties:
type: string type: string
description: MatchLabels is a map of {key,value} pairs. description: |-
A single {key,value} in the matchLabels map is equivalent MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
to an element of matchExpressions, whose key field is map is equivalent to an element of matchExpressions, whose key field is "key", the
"key", the operator is "In", and the values array contains operator is "In", and the values array contains only "value". The requirements are ANDed.
only "value". The requirements are ANDed.
type: object type: object
type: object type: object
type: array type: array
@ -342,21 +359,24 @@ spec:
- namespaceSelectors - namespaceSelectors
type: object type: object
chart: chart:
description: Chart is the name or path the Helm chart is available description: |-
at in the SourceRef. Chart is the name or path the Helm chart is available at in the
SourceRef.
type: string type: string
interval: interval:
description: Interval at which the HelmChart SourceRef is checked description: |-
for updates. This interval is approximate and may be subject to Interval at which the HelmChart SourceRef is checked for updates.
jitter to ensure efficient use of resources. This interval is approximate and may be subject to jitter to ensure
efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string type: string
reconcileStrategy: reconcileStrategy:
default: ChartVersion default: ChartVersion
description: ReconcileStrategy determines what enables the creation description: |-
of a new artifact. Valid values are ('ChartVersion', 'Revision'). ReconcileStrategy determines what enables the creation of a new artifact.
See the documentation of the values for an explanation on their Valid values are ('ChartVersion', 'Revision').
behavior. Defaults to ChartVersion when omitted. See the documentation of the values for an explanation on their behavior.
Defaults to ChartVersion when omitted.
enum: enum:
- ChartVersion - ChartVersion
- Revision - Revision
@ -369,8 +389,9 @@ spec:
description: APIVersion of the referent. description: APIVersion of the referent.
type: string type: string
kind: kind:
description: Kind of the referent, valid values are ('HelmRepository', description: |-
'GitRepository', 'Bucket'). Kind of the referent, valid values are ('HelmRepository', 'GitRepository',
'Bucket').
enum: enum:
- HelmRepository - HelmRepository
- GitRepository - GitRepository
@ -384,53 +405,57 @@ spec:
- name - name
type: object type: object
suspend: suspend:
description: Suspend tells the controller to suspend the reconciliation description: |-
of this source. Suspend tells the controller to suspend the reconciliation of this
source.
type: boolean type: boolean
valuesFile: valuesFile:
description: ValuesFile is an alternative values file to use as the description: |-
default chart values, expected to be a relative path in the SourceRef. ValuesFile is an alternative values file to use as the default chart
Deprecated in favor of ValuesFiles, for backwards compatibility values, expected to be a relative path in the SourceRef. Deprecated in
the file specified here is merged before the ValuesFiles items. favor of ValuesFiles, for backwards compatibility the file specified here
Ignored when omitted. is merged before the ValuesFiles items. Ignored when omitted.
type: string type: string
valuesFiles: valuesFiles:
description: ValuesFiles is an alternative list of values files to description: |-
use as the chart values (values.yaml is not included by default), ValuesFiles is an alternative list of values files to use as the chart
expected to be a relative path in the SourceRef. Values files are values (values.yaml is not included by default), expected to be a
merged in the order of this list with the last file overriding the relative path in the SourceRef.
first. Ignored when omitted. Values files are merged in the order of this list with the last file
overriding the first. Ignored when omitted.
items: items:
type: string type: string
type: array type: array
verify: verify:
description: Verify contains the secret name containing the trusted description: |-
public keys used to verify the signature and specifies which provider Verify contains the secret name containing the trusted public keys
to use to check whether OCI image is authentic. This field is only used to verify the signature and specifies which provider to use to check
supported when using HelmRepository source with spec.type 'oci'. whether OCI image is authentic.
Chart dependencies, which are not bundled in the umbrella chart This field is only supported when using HelmRepository source with spec.type 'oci'.
artifact, are not verified. Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified.
properties: properties:
matchOIDCIdentity: matchOIDCIdentity:
description: MatchOIDCIdentity specifies the identity matching description: |-
criteria to use while verifying an OCI artifact which was signed MatchOIDCIdentity specifies the identity matching criteria to use
using Cosign keyless signing. The artifact's identity is deemed while verifying an OCI artifact which was signed using Cosign keyless
to be verified if any of the specified matchers match against signing. The artifact's identity is deemed to be verified if any of the
the identity. specified matchers match against the identity.
items: items:
description: OIDCIdentityMatch specifies options for verifying description: |-
the certificate identity, i.e. the issuer and the subject OIDCIdentityMatch specifies options for verifying the certificate identity,
of the certificate. i.e. the issuer and the subject of the certificate.
properties: properties:
issuer: issuer:
description: Issuer specifies the regex pattern to match description: |-
against to verify the OIDC issuer in the Fulcio certificate. Issuer specifies the regex pattern to match against to verify
The pattern must be a valid Go regular expression. the OIDC issuer in the Fulcio certificate. The pattern must be a
valid Go regular expression.
type: string type: string
subject: subject:
description: Subject specifies the regex pattern to match description: |-
against to verify the identity subject in the Fulcio certificate. Subject specifies the regex pattern to match against to verify
The pattern must be a valid Go regular expression. the identity subject in the Fulcio certificate. The pattern must
be a valid Go regular expression.
type: string type: string
required: required:
- issuer - issuer
@ -445,8 +470,9 @@ spec:
- cosign - cosign
type: string type: string
secretRef: secretRef:
description: SecretRef specifies the Kubernetes Secret containing description: |-
the trusted public keys. SecretRef specifies the Kubernetes Secret containing the
trusted public keys.
properties: properties:
name: name:
description: Name of the referent. description: Name of the referent.
@ -459,9 +485,9 @@ spec:
type: object type: object
version: version:
default: '*' default: '*'
description: Version is the chart version semver expression, ignored description: |-
for charts from GitRepository and Bucket sources. Defaults to latest Version is the chart version semver expression, ignored for charts from
when omitted. GitRepository and Bucket sources. Defaults to latest when omitted.
type: string type: string
required: required:
- chart - chart
@ -482,8 +508,9 @@ spec:
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string type: string
lastUpdateTime: lastUpdateTime:
description: LastUpdateTime is the timestamp corresponding to description: |-
the last update of the Artifact. LastUpdateTime is the timestamp corresponding to the last update of the
Artifact.
format: date-time format: date-time
type: string type: string
metadata: metadata:
@ -492,24 +519,25 @@ spec:
description: Metadata holds upstream information such as OCI annotations. description: Metadata holds upstream information such as OCI annotations.
type: object type: object
path: path:
description: Path is the relative file path of the Artifact. It description: |-
can be used to locate the file in the root of the Artifact storage Path is the relative file path of the Artifact. It can be used to locate
on the local file system of the controller managing the Source. the file in the root of the Artifact storage on the local file system of
the controller managing the Source.
type: string type: string
revision: revision:
description: Revision is a human-readable identifier traceable description: |-
in the origin source system. It can be a Git commit SHA, Git Revision is a human-readable identifier traceable in the origin source
tag, a Helm chart version, etc. system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
type: string type: string
size: size:
description: Size is the number of bytes in the file. description: Size is the number of bytes in the file.
format: int64 format: int64
type: integer type: integer
url: url:
description: URL is the HTTP address of the Artifact as exposed description: |-
by the controller managing the Source. It can be used to retrieve URL is the HTTP address of the Artifact as exposed by the controller
the Artifact for consumption, e.g. by another controller applying managing the Source. It can be used to retrieve the Artifact for
the Artifact contents. consumption, e.g. by another controller applying the Artifact contents.
type: string type: string
required: required:
- lastUpdateTime - lastUpdateTime
@ -521,42 +549,42 @@ spec:
description: Conditions holds the conditions for the HelmChart. description: Conditions holds the conditions for the HelmChart.
items: items:
description: "Condition contains details for one aspect of the current description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct state of this API Resource.\n---\nThis struct is intended for
use as an array at the field path .status.conditions. For example, direct use as an array at the field path .status.conditions. For
\n type FooStatus struct{ // Represents the observations of a example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
foo's current state. // Known .status.conditions.type are: \"Available\", observations of a foo's current state.\n\t // Known .status.conditions.type
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
// +listType=map // +listMapKey=type Conditions []metav1.Condition +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
\ // other fields\n\t}"
properties: properties:
lastTransitionTime: lastTransitionTime:
description: lastTransitionTime is the last time the condition description: |-
transitioned from one status to another. This should be when lastTransitionTime is the last time the condition transitioned from one status to another.
the underlying condition changed. If that is not known, then This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
using the time when the API field changed is acceptable.
format: date-time format: date-time
type: string type: string
message: message:
description: message is a human readable message indicating description: |-
details about the transition. This may be an empty string. message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768 maxLength: 32768
type: string type: string
observedGeneration: observedGeneration:
description: observedGeneration represents the .metadata.generation description: |-
that the condition was set based upon. For instance, if .metadata.generation observedGeneration represents the .metadata.generation that the condition was set based upon.
is currently 12, but the .status.conditions[x].observedGeneration For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
is 9, the condition is out of date with respect to the current with respect to the current state of the instance.
state of the instance.
format: int64 format: int64
minimum: 0 minimum: 0
type: integer type: integer
reason: reason:
description: reason contains a programmatic identifier indicating description: |-
the reason for the condition's last transition. Producers reason contains a programmatic identifier indicating the reason for the condition's last transition.
of specific condition types may define expected values and Producers of specific condition types may define expected values and meanings for this field,
meanings for this field, and whether the values are considered and whether the values are considered a guaranteed API.
a guaranteed API. The value should be a CamelCase string. The value should be a CamelCase string.
This field may not be empty. This field may not be empty.
maxLength: 1024 maxLength: 1024
minLength: 1 minLength: 1
@ -570,11 +598,12 @@ spec:
- Unknown - Unknown
type: string type: string
type: type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. description: |-
--- Many .condition.type values are consistent across resources type of condition in CamelCase or in foo.example.com/CamelCase.
like Available, but because arbitrary conditions can be useful ---
(see .node.status.conditions), the ability to deconflict is Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) useful (see .node.status.conditions), the ability to deconflict is important.
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316 maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string type: string
@ -587,27 +616,32 @@ spec:
type: object type: object
type: array type: array
lastHandledReconcileAt: lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent description: |-
reconcile request value, so a change of the annotation value can LastHandledReconcileAt holds the value of the most recent
be detected. reconcile request value, so a change of the annotation value
can be detected.
type: string type: string
observedChartName: observedChartName:
description: ObservedChartName is the last observed chart name as description: |-
specified by the resolved chart reference. ObservedChartName is the last observed chart name as specified by the
resolved chart reference.
type: string type: string
observedGeneration: observedGeneration:
description: ObservedGeneration is the last observed generation of description: |-
the HelmChart object. ObservedGeneration is the last observed generation of the HelmChart
object.
format: int64 format: int64
type: integer type: integer
observedSourceArtifactRevision: observedSourceArtifactRevision:
description: ObservedSourceArtifactRevision is the last observed Artifact.Revision description: |-
ObservedSourceArtifactRevision is the last observed Artifact.Revision
of the HelmChartSpec.SourceRef. of the HelmChartSpec.SourceRef.
type: string type: string
url: url:
description: URL is the dynamic fetch link for the latest Artifact. description: |-
It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact URL is the dynamic fetch link for the latest Artifact.
data is recommended. It is provided on a "best effort" basis, and using the precise
BucketStatus.Artifact data is recommended.
type: string type: string
type: object type: object
type: object type: object

392
config/crd/bases/source.toolkit.fluxcd.io_helmrepositories.yaml
View File

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.12.0 controller-gen.kubebuilder.io/version: v0.14.0
name: helmrepositories.source.toolkit.fluxcd.io name: helmrepositories.source.toolkit.fluxcd.io
spec: spec:
group: source.toolkit.fluxcd.io group: source.toolkit.fluxcd.io
@ -35,14 +35,19 @@ spec:
description: HelmRepository is the Schema for the helmrepositories API description: HelmRepository is the Schema for the helmrepositories API
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: |-
of an object. Servers should convert recognized schemas to the latest APIVersion defines the versioned schema of this representation of an object.
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: |-
object represents. Servers may infer this from the endpoint the client Kind is a string value representing the REST resource this object represents.
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string type: string
metadata: metadata:
type: object type: object
@ -54,22 +59,21 @@ spec:
cross-namespace references to this object. cross-namespace references to this object.
properties: properties:
namespaceSelectors: namespaceSelectors:
description: NamespaceSelectors is the list of namespace selectors description: |-
to which this ACL applies. Items in this list are evaluated NamespaceSelectors is the list of namespace selectors to which this ACL applies.
using a logical OR operation. Items in this list are evaluated using a logical OR operation.
items: items:
description: NamespaceSelector selects the namespaces to which description: |-
this ACL applies. An empty map of MatchLabels matches all NamespaceSelector selects the namespaces to which this ACL applies.
namespaces in a cluster. An empty map of MatchLabels matches all namespaces in a cluster.
properties: properties:
matchLabels: matchLabels:
additionalProperties: additionalProperties:
type: string type: string
description: MatchLabels is a map of {key,value} pairs. description: |-
A single {key,value} in the matchLabels map is equivalent MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
to an element of matchExpressions, whose key field is map is equivalent to an element of matchExpressions, whose key field is "key", the
"key", the operator is "In", and the values array contains operator is "In", and the values array contains only "value". The requirements are ANDed.
only "value". The requirements are ANDed.
type: object type: object
type: object type: object
type: array type: array
@ -80,18 +84,22 @@ spec:
description: The interval at which to check the upstream for updates. description: The interval at which to check the upstream for updates.
type: string type: string
passCredentials: passCredentials:
description: PassCredentials allows the credentials from the SecretRef description: |-
to be passed on to a host that does not match the host as defined PassCredentials allows the credentials from the SecretRef to be passed on to
in URL. This may be required if the host of the advertised chart a host that does not match the host as defined in URL.
URLs in the index differ from the defined URL. Enabling this should This may be required if the host of the advertised chart URLs in the index
be done with caution, as it can potentially result in credentials differ from the defined URL.
getting stolen in a MITM-attack. Enabling this should be done with caution, as it can potentially result in
credentials getting stolen in a MITM-attack.
type: boolean type: boolean
secretRef: secretRef:
description: The name of the secret containing authentication credentials description: |-
for the Helm repository. For HTTP/S basic auth the secret must contain The name of the secret containing authentication credentials for the Helm
username and password fields. For TLS the secret must contain a repository.
certFile and keyFile, and/or caFile fields. For HTTP/S basic auth the secret must contain username and
password fields.
For TLS the secret must contain a certFile and keyFile, and/or
caFile fields.
properties: properties:
name: name:
description: Name of the referent. description: Name of the referent.
@ -128,17 +136,19 @@ spec:
description: Checksum is the SHA256 checksum of the artifact. description: Checksum is the SHA256 checksum of the artifact.
type: string type: string
lastUpdateTime: lastUpdateTime:
description: LastUpdateTime is the timestamp corresponding to description: |-
the last update of this artifact. LastUpdateTime is the timestamp corresponding to the last update of this
artifact.
format: date-time format: date-time
type: string type: string
path: path:
description: Path is the relative file path of this artifact. description: Path is the relative file path of this artifact.
type: string type: string
revision: revision:
description: Revision is a human readable identifier traceable description: |-
in the origin source system. It can be a Git commit SHA, Git Revision is a human readable identifier traceable in the origin source
tag, a Helm index timestamp, a Helm chart version, etc. system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm
chart version, etc.
type: string type: string
url: url:
description: URL is the HTTP address of this artifact. description: URL is the HTTP address of this artifact.
@ -151,42 +161,42 @@ spec:
description: Conditions holds the conditions for the HelmRepository. description: Conditions holds the conditions for the HelmRepository.
items: items:
description: "Condition contains details for one aspect of the current description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct state of this API Resource.\n---\nThis struct is intended for
use as an array at the field path .status.conditions. For example, direct use as an array at the field path .status.conditions. For
\n type FooStatus struct{ // Represents the observations of a example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
foo's current state. // Known .status.conditions.type are: \"Available\", observations of a foo's current state.\n\t // Known .status.conditions.type
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
// +listType=map // +listMapKey=type Conditions []metav1.Condition +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
\ // other fields\n\t}"
properties: properties:
lastTransitionTime: lastTransitionTime:
description: lastTransitionTime is the last time the condition description: |-
transitioned from one status to another. This should be when lastTransitionTime is the last time the condition transitioned from one status to another.
the underlying condition changed. If that is not known, then This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
using the time when the API field changed is acceptable.
format: date-time format: date-time
type: string type: string
message: message:
description: message is a human readable message indicating description: |-
details about the transition. This may be an empty string. message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768 maxLength: 32768
type: string type: string
observedGeneration: observedGeneration:
description: observedGeneration represents the .metadata.generation description: |-
that the condition was set based upon. For instance, if .metadata.generation observedGeneration represents the .metadata.generation that the condition was set based upon.
is currently 12, but the .status.conditions[x].observedGeneration For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
is 9, the condition is out of date with respect to the current with respect to the current state of the instance.
state of the instance.
format: int64 format: int64
minimum: 0 minimum: 0
type: integer type: integer
reason: reason:
description: reason contains a programmatic identifier indicating description: |-
the reason for the condition's last transition. Producers reason contains a programmatic identifier indicating the reason for the condition's last transition.
of specific condition types may define expected values and Producers of specific condition types may define expected values and meanings for this field,
meanings for this field, and whether the values are considered and whether the values are considered a guaranteed API.
a guaranteed API. The value should be a CamelCase string. The value should be a CamelCase string.
This field may not be empty. This field may not be empty.
maxLength: 1024 maxLength: 1024
minLength: 1 minLength: 1
@ -200,11 +210,12 @@ spec:
- Unknown - Unknown
type: string type: string
type: type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. description: |-
--- Many .condition.type values are consistent across resources type of condition in CamelCase or in foo.example.com/CamelCase.
like Available, but because arbitrary conditions can be useful ---
(see .node.status.conditions), the ability to deconflict is Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) useful (see .node.status.conditions), the ability to deconflict is important.
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316 maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string type: string
@ -217,9 +228,10 @@ spec:
type: object type: object
type: array type: array
lastHandledReconcileAt: lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent description: |-
reconcile request value, so a change of the annotation value can LastHandledReconcileAt holds the value of the most recent
be detected. reconcile request value, so a change of the annotation value
can be detected.
type: string type: string
observedGeneration: observedGeneration:
description: ObservedGeneration is the last observed generation. description: ObservedGeneration is the last observed generation.
@ -253,43 +265,49 @@ spec:
description: HelmRepository is the Schema for the helmrepositories API. description: HelmRepository is the Schema for the helmrepositories API.
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: |-
of an object. Servers should convert recognized schemas to the latest APIVersion defines the versioned schema of this representation of an object.
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: |-
object represents. Servers may infer this from the endpoint the client Kind is a string value representing the REST resource this object represents.
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string type: string
metadata: metadata:
type: object type: object
spec: spec:
description: HelmRepositorySpec specifies the required configuration to description: |-
produce an Artifact for a Helm repository index YAML. HelmRepositorySpec specifies the required configuration to produce an
Artifact for a Helm repository index YAML.
properties: properties:
accessFrom: accessFrom:
description: 'AccessFrom specifies an Access Control List for allowing description: |-
cross-namespace references to this object. NOTE: Not implemented, AccessFrom specifies an Access Control List for allowing cross-namespace
provisional as of https://github.com/fluxcd/flux2/pull/2092' references to this object.
NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
properties: properties:
namespaceSelectors: namespaceSelectors:
description: NamespaceSelectors is the list of namespace selectors description: |-
to which this ACL applies. Items in this list are evaluated NamespaceSelectors is the list of namespace selectors to which this ACL applies.
using a logical OR operation. Items in this list are evaluated using a logical OR operation.
items: items:
description: NamespaceSelector selects the namespaces to which description: |-
this ACL applies. An empty map of MatchLabels matches all NamespaceSelector selects the namespaces to which this ACL applies.
namespaces in a cluster. An empty map of MatchLabels matches all namespaces in a cluster.
properties: properties:
matchLabels: matchLabels:
additionalProperties: additionalProperties:
type: string type: string
description: MatchLabels is a map of {key,value} pairs. description: |-
A single {key,value} in the matchLabels map is equivalent MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
to an element of matchExpressions, whose key field is map is equivalent to an element of matchExpressions, whose key field is "key", the
"key", the operator is "In", and the values array contains operator is "In", and the values array contains only "value". The requirements are ANDed.
only "value". The requirements are ANDed.
type: object type: object
type: object type: object
type: array type: array
@ -297,15 +315,25 @@ spec:
- namespaceSelectors - namespaceSelectors
type: object type: object
certSecretRef: certSecretRef:
description: "CertSecretRef can be given the name of a Secret containing description: |-
either or both of \n - a PEM-encoded client certificate (`tls.crt`) CertSecretRef can be given the name of a Secret containing
and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`) either or both of
\n and whichever are supplied, will be used for connecting to the
registry. The client cert and key are useful if you are authenticating
with a certificate; the CA cert is useful if you are using a self-signed - a PEM-encoded client certificate (`tls.crt`) and private
server certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`. key (`tls.key`);
\n It takes precedence over the values specified in the Secret referred - a PEM-encoded CA certificate (`ca.crt`)
to by `.spec.secretRef`."
and whichever are supplied, will be used for connecting to the
registry. The client cert and key are useful if you are
authenticating with a certificate; the CA cert is useful if
you are using a self-signed server certificate. The Secret must
be of type `Opaque` or `kubernetes.io/tls`.
It takes precedence over the values specified in the Secret referred
to by `.spec.secretRef`.
properties: properties:
name: name:
description: Name of the referent. description: Name of the referent.
@ -314,30 +342,32 @@ spec:
- name - name
type: object type: object
insecure: insecure:
description: Insecure allows connecting to a non-TLS HTTP container description: |-
registry. This field is only taken into account if the .spec.type Insecure allows connecting to a non-TLS HTTP container registry.
field is set to 'oci'. This field is only taken into account if the .spec.type field is set to 'oci'.
type: boolean type: boolean
interval: interval:
description: Interval at which the HelmRepository URL is checked for description: |-
updates. This interval is approximate and may be subject to jitter Interval at which the HelmRepository URL is checked for updates.
to ensure efficient use of resources. This interval is approximate and may be subject to jitter to ensure
efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string type: string
passCredentials: passCredentials:
description: PassCredentials allows the credentials from the SecretRef description: |-
to be passed on to a host that does not match the host as defined PassCredentials allows the credentials from the SecretRef to be passed
in URL. This may be required if the host of the advertised chart on to a host that does not match the host as defined in URL.
URLs in the index differ from the defined URL. Enabling this should This may be required if the host of the advertised chart URLs in the
be done with caution, as it can potentially result in credentials index differ from the defined URL.
getting stolen in a MITM-attack. Enabling this should be done with caution, as it can potentially result
in credentials getting stolen in a MITM-attack.
type: boolean type: boolean
provider: provider:
default: generic default: generic
description: Provider used for authentication, can be 'aws', 'azure', description: |-
'gcp' or 'generic'. This field is optional, and only taken into Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'.
account if the .spec.type field is set to 'oci'. When not specified, This field is optional, and only taken into account if the .spec.type field is set to 'oci'.
defaults to 'generic'. When not specified, defaults to 'generic'.
enum: enum:
- generic - generic
- aws - aws
@ -345,11 +375,13 @@ spec:
- gcp - gcp
type: string type: string
secretRef: secretRef:
description: SecretRef specifies the Secret containing authentication description: |-
credentials for the HelmRepository. For HTTP/S basic auth the secret SecretRef specifies the Secret containing authentication credentials
must contain 'username' and 'password' fields. Support for TLS auth for the HelmRepository.
using the 'certFile' and 'keyFile', and/or 'caFile' keys is deprecated. For HTTP/S basic auth the secret must contain 'username' and 'password'
Please use `.spec.certSecretRef` instead. fields.
Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile'
keys is deprecated. Please use `.spec.certSecretRef` instead.
properties: properties:
name: name:
description: Name of the referent. description: Name of the referent.
@ -358,26 +390,30 @@ spec:
- name - name
type: object type: object
suspend: suspend:
description: Suspend tells the controller to suspend the reconciliation description: |-
of this HelmRepository. Suspend tells the controller to suspend the reconciliation of this
HelmRepository.
type: boolean type: boolean
timeout: timeout:
description: Timeout is used for the index fetch operation for an description: |-
HTTPS helm repository, and for remote OCI Repository operations Timeout is used for the index fetch operation for an HTTPS helm repository,
like pulling for an OCI helm chart by the associated HelmChart. and for remote OCI Repository operations like pulling for an OCI helm
chart by the associated HelmChart.
Its default value is 60s. Its default value is 60s.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
type: string type: string
type: type:
description: Type of the HelmRepository. When this field is set to "oci", description: |-
the URL field value must be prefixed with "oci://". Type of the HelmRepository.
When this field is set to "oci", the URL field value must be prefixed with "oci://".
enum: enum:
- default - default
- oci - oci
type: string type: string
url: url:
description: URL of the Helm repository, a valid URL contains at least description: |-
a protocol and host. URL of the Helm repository, a valid URL contains at least a protocol and
host.
pattern: ^(http|https|oci)://.*$ pattern: ^(http|https|oci)://.*$
type: string type: string
required: required:
@ -397,8 +433,9 @@ spec:
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string type: string
lastUpdateTime: lastUpdateTime:
description: LastUpdateTime is the timestamp corresponding to description: |-
the last update of the Artifact. LastUpdateTime is the timestamp corresponding to the last update of the
Artifact.
format: date-time format: date-time
type: string type: string
metadata: metadata:
@ -407,24 +444,25 @@ spec:
description: Metadata holds upstream information such as OCI annotations. description: Metadata holds upstream information such as OCI annotations.
type: object type: object
path: path:
description: Path is the relative file path of the Artifact. It description: |-
can be used to locate the file in the root of the Artifact storage Path is the relative file path of the Artifact. It can be used to locate
on the local file system of the controller managing the Source. the file in the root of the Artifact storage on the local file system of
the controller managing the Source.
type: string type: string
revision: revision:
description: Revision is a human-readable identifier traceable description: |-
in the origin source system. It can be a Git commit SHA, Git Revision is a human-readable identifier traceable in the origin source
tag, a Helm chart version, etc. system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
type: string type: string
size: size:
description: Size is the number of bytes in the file. description: Size is the number of bytes in the file.
format: int64 format: int64
type: integer type: integer
url: url:
description: URL is the HTTP address of the Artifact as exposed description: |-
by the controller managing the Source. It can be used to retrieve URL is the HTTP address of the Artifact as exposed by the controller
the Artifact for consumption, e.g. by another controller applying managing the Source. It can be used to retrieve the Artifact for
the Artifact contents. consumption, e.g. by another controller applying the Artifact contents.
type: string type: string
required: required:
- lastUpdateTime - lastUpdateTime
@ -436,42 +474,42 @@ spec:
description: Conditions holds the conditions for the HelmRepository. description: Conditions holds the conditions for the HelmRepository.
items: items:
description: "Condition contains details for one aspect of the current description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct state of this API Resource.\n---\nThis struct is intended for
use as an array at the field path .status.conditions. For example, direct use as an array at the field path .status.conditions. For
\n type FooStatus struct{ // Represents the observations of a example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
foo's current state. // Known .status.conditions.type are: \"Available\", observations of a foo's current state.\n\t // Known .status.conditions.type
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
// +listType=map // +listMapKey=type Conditions []metav1.Condition +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
\ // other fields\n\t}"
properties: properties:
lastTransitionTime: lastTransitionTime:
description: lastTransitionTime is the last time the condition description: |-
transitioned from one status to another. This should be when lastTransitionTime is the last time the condition transitioned from one status to another.
the underlying condition changed. If that is not known, then This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
using the time when the API field changed is acceptable.
format: date-time format: date-time
type: string type: string
message: message:
description: message is a human readable message indicating description: |-
details about the transition. This may be an empty string. message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768 maxLength: 32768
type: string type: string
observedGeneration: observedGeneration:
description: observedGeneration represents the .metadata.generation description: |-
that the condition was set based upon. For instance, if .metadata.generation observedGeneration represents the .metadata.generation that the condition was set based upon.
is currently 12, but the .status.conditions[x].observedGeneration For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
is 9, the condition is out of date with respect to the current with respect to the current state of the instance.
state of the instance.
format: int64 format: int64
minimum: 0 minimum: 0
type: integer type: integer
reason: reason:
description: reason contains a programmatic identifier indicating description: |-
the reason for the condition's last transition. Producers reason contains a programmatic identifier indicating the reason for the condition's last transition.
of specific condition types may define expected values and Producers of specific condition types may define expected values and meanings for this field,
meanings for this field, and whether the values are considered and whether the values are considered a guaranteed API.
a guaranteed API. The value should be a CamelCase string. The value should be a CamelCase string.
This field may not be empty. This field may not be empty.
maxLength: 1024 maxLength: 1024
minLength: 1 minLength: 1
@ -485,11 +523,12 @@ spec:
- Unknown - Unknown
type: string type: string
type: type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. description: |-
--- Many .condition.type values are consistent across resources type of condition in CamelCase or in foo.example.com/CamelCase.
like Available, but because arbitrary conditions can be useful ---
(see .node.status.conditions), the ability to deconflict is Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) useful (see .node.status.conditions), the ability to deconflict is important.
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316 maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string type: string
@ -502,19 +541,22 @@ spec:
type: object type: object
type: array type: array
lastHandledReconcileAt: lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent description: |-
reconcile request value, so a change of the annotation value can LastHandledReconcileAt holds the value of the most recent
be detected. reconcile request value, so a change of the annotation value
can be detected.
type: string type: string
observedGeneration: observedGeneration:
description: ObservedGeneration is the last observed generation of description: |-
the HelmRepository object. ObservedGeneration is the last observed generation of the HelmRepository
object.
format: int64 format: int64
type: integer type: integer
url: url:
description: URL is the dynamic fetch link for the latest Artifact. description: |-
It is provided on a "best effort" basis, and using the precise HelmRepositoryStatus.Artifact URL is the dynamic fetch link for the latest Artifact.
data is recommended. It is provided on a "best effort" basis, and using the precise
HelmRepositoryStatus.Artifact data is recommended.
type: string type: string
type: object type: object
type: object type: object

302
config/crd/bases/source.toolkit.fluxcd.io_ocirepositories.yaml
View File

@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.12.0 controller-gen.kubebuilder.io/version: v0.14.0
name: ocirepositories.source.toolkit.fluxcd.io name: ocirepositories.source.toolkit.fluxcd.io
spec: spec:
group: source.toolkit.fluxcd.io group: source.toolkit.fluxcd.io
@ -35,14 +35,19 @@ spec:
description: OCIRepository is the Schema for the ocirepositories API description: OCIRepository is the Schema for the ocirepositories API
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: |-
of an object. Servers should convert recognized schemas to the latest APIVersion defines the versioned schema of this representation of an object.
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string type: string
kind: kind:
description: 'Kind is a string value representing the REST resource this description: |-
object represents. Servers may infer this from the endpoint the client Kind is a string value representing the REST resource this object represents.
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string type: string
metadata: metadata:
type: object type: object
@ -50,15 +55,25 @@ spec:
description: OCIRepositorySpec defines the desired state of OCIRepository description: OCIRepositorySpec defines the desired state of OCIRepository
properties: properties:
certSecretRef: certSecretRef:
description: "CertSecretRef can be given the name of a Secret containing description: |-
either or both of \n - a PEM-encoded client certificate (`tls.crt`) CertSecretRef can be given the name of a Secret containing
and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`) either or both of
\n and whichever are supplied, will be used for connecting to the
registry. The client cert and key are useful if you are authenticating
with a certificate; the CA cert is useful if you are using a self-signed - a PEM-encoded client certificate (`tls.crt`) and private
server certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`. key (`tls.key`);
\n Note: Support for the `caFile`, `certFile` and `keyFile` keys - a PEM-encoded CA certificate (`ca.crt`)
have been deprecated."
and whichever are supplied, will be used for connecting to the
registry. The client cert and key are useful if you are
authenticating with a certificate; the CA cert is useful if
you are using a self-signed server certificate. The Secret must
be of type `Opaque` or `kubernetes.io/tls`.
Note: Support for the `caFile`, `certFile` and `keyFile` keys have
been deprecated.
properties: properties:
name: name:
description: Name of the referent. description: Name of the referent.
@ -67,36 +82,39 @@ spec:
- name - name
type: object type: object
ignore: ignore:
description: Ignore overrides the set of excluded patterns in the description: |-
.sourceignore format (which is the same as .gitignore). If not provided, Ignore overrides the set of excluded patterns in the .sourceignore format
a default will be used, consult the documentation for your version (which is the same as .gitignore). If not provided, a default will be used,
to find out what those are. consult the documentation for your version to find out what those are.
type: string type: string
insecure: insecure:
description: Insecure allows connecting to a non-TLS HTTP container description: Insecure allows connecting to a non-TLS HTTP container
registry. registry.
type: boolean type: boolean
interval: interval:
description: Interval at which the OCIRepository URL is checked for description: |-
updates. This interval is approximate and may be subject to jitter Interval at which the OCIRepository URL is checked for updates.
to ensure efficient use of resources. This interval is approximate and may be subject to jitter to ensure
efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string type: string
layerSelector: layerSelector:
description: LayerSelector specifies which layer should be extracted description: |-
from the OCI artifact. When not specified, the first layer found LayerSelector specifies which layer should be extracted from the OCI artifact.
in the artifact is selected. When not specified, the first layer found in the artifact is selected.
properties: properties:
mediaType: mediaType:
description: MediaType specifies the OCI media type of the layer description: |-
which should be extracted from the OCI Artifact. The first layer MediaType specifies the OCI media type of the layer
matching this type is selected. which should be extracted from the OCI Artifact. The
first layer matching this type is selected.
type: string type: string
operation: operation:
description: Operation specifies how the selected layer should description: |-
be processed. By default, the layer compressed content is extracted Operation specifies how the selected layer should be processed.
to storage. When the operation is set to 'copy', the layer compressed By default, the layer compressed content is extracted to storage.
content is persisted to storage as it is. When the operation is set to 'copy', the layer compressed content
is persisted to storage as it is.
enum: enum:
- extract - extract
- copy - copy
@ -104,8 +122,9 @@ spec:
type: object type: object
provider: provider:
default: generic default: generic
description: The provider used for authentication, can be 'aws', 'azure', description: |-
'gcp' or 'generic'. When not specified, defaults to 'generic'. The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'.
When not specified, defaults to 'generic'.
enum: enum:
- generic - generic
- aws - aws
@ -113,25 +132,29 @@ spec:
- gcp - gcp
type: string type: string
ref: ref:
description: The OCI reference to pull and monitor for changes, defaults description: |-
to the latest tag. The OCI reference to pull and monitor for changes,
defaults to the latest tag.
properties: properties:
digest: digest:
description: Digest is the image digest to pull, takes precedence description: |-
over SemVer. The value should be in the format 'sha256:<HASH>'. Digest is the image digest to pull, takes precedence over SemVer.
The value should be in the format 'sha256:<HASH>'.
type: string type: string
semver: semver:
description: SemVer is the range of tags to pull selecting the description: |-
latest within the range, takes precedence over Tag. SemVer is the range of tags to pull selecting the latest within
the range, takes precedence over Tag.
type: string type: string
tag: tag:
description: Tag is the image tag to pull, defaults to latest. description: Tag is the image tag to pull, defaults to latest.
type: string type: string
type: object type: object
secretRef: secretRef:
description: SecretRef contains the secret name containing the registry description: |-
login credentials to resolve image metadata. The secret must be SecretRef contains the secret name containing the registry login
of type kubernetes.io/dockerconfigjson. credentials to resolve image metadata.
The secret must be of type kubernetes.io/dockerconfigjson.
properties: properties:
name: name:
description: Name of the referent. description: Name of the referent.
@ -140,9 +163,10 @@ spec:
- name - name
type: object type: object
serviceAccountName: serviceAccountName:
description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount description: |-
used to authenticate the image pull if the service account has attached ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate
pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' the image pull if the service account has attached pull secrets. For more information:
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account
type: string type: string
suspend: suspend:
description: This flag tells the controller to suspend the reconciliation description: This flag tells the controller to suspend the reconciliation
@ -155,35 +179,39 @@ spec:
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
type: string type: string
url: url:
description: URL is a reference to an OCI artifact repository hosted description: |-
URL is a reference to an OCI artifact repository hosted
on a remote container registry. on a remote container registry.
pattern: ^oci://.*$ pattern: ^oci://.*$
type: string type: string
verify: verify:
description: Verify contains the secret name containing the trusted description: |-
public keys used to verify the signature and specifies which provider Verify contains the secret name containing the trusted public keys
to use to check whether OCI image is authentic. used to verify the signature and specifies which provider to use to check
whether OCI image is authentic.
properties: properties:
matchOIDCIdentity: matchOIDCIdentity:
description: MatchOIDCIdentity specifies the identity matching description: |-
criteria to use while verifying an OCI artifact which was signed MatchOIDCIdentity specifies the identity matching criteria to use
using Cosign keyless signing. The artifact's identity is deemed while verifying an OCI artifact which was signed using Cosign keyless
to be verified if any of the specified matchers match against signing. The artifact's identity is deemed to be verified if any of the
the identity. specified matchers match against the identity.
items: items:
description: OIDCIdentityMatch specifies options for verifying description: |-
the certificate identity, i.e. the issuer and the subject OIDCIdentityMatch specifies options for verifying the certificate identity,
of the certificate. i.e. the issuer and the subject of the certificate.
properties: properties:
issuer: issuer:
description: Issuer specifies the regex pattern to match description: |-
against to verify the OIDC issuer in the Fulcio certificate. Issuer specifies the regex pattern to match against to verify
The pattern must be a valid Go regular expression. the OIDC issuer in the Fulcio certificate. The pattern must be a
valid Go regular expression.
type: string type: string
subject: subject:
description: Subject specifies the regex pattern to match description: |-
against to verify the identity subject in the Fulcio certificate. Subject specifies the regex pattern to match against to verify
The pattern must be a valid Go regular expression. the identity subject in the Fulcio certificate. The pattern must
be a valid Go regular expression.
type: string type: string
required: required:
- issuer - issuer
@ -198,8 +226,9 @@ spec:
- cosign - cosign
type: string type: string
secretRef: secretRef:
description: SecretRef specifies the Kubernetes Secret containing description: |-
the trusted public keys. SecretRef specifies the Kubernetes Secret containing the
trusted public keys.
properties: properties:
name: name:
description: Name of the referent. description: Name of the referent.
@ -228,8 +257,9 @@ spec:
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string type: string
lastUpdateTime: lastUpdateTime:
description: LastUpdateTime is the timestamp corresponding to description: |-
the last update of the Artifact. LastUpdateTime is the timestamp corresponding to the last update of the
Artifact.
format: date-time format: date-time
type: string type: string
metadata: metadata:
@ -238,24 +268,25 @@ spec:
description: Metadata holds upstream information such as OCI annotations. description: Metadata holds upstream information such as OCI annotations.
type: object type: object
path: path:
description: Path is the relative file path of the Artifact. It description: |-
can be used to locate the file in the root of the Artifact storage Path is the relative file path of the Artifact. It can be used to locate
on the local file system of the controller managing the Source. the file in the root of the Artifact storage on the local file system of
the controller managing the Source.
type: string type: string
revision: revision:
description: Revision is a human-readable identifier traceable description: |-
in the origin source system. It can be a Git commit SHA, Git Revision is a human-readable identifier traceable in the origin source
tag, a Helm chart version, etc. system. It can be a Git commit SHA, Git tag, a Helm chart version, etc.
type: string type: string
size: size:
description: Size is the number of bytes in the file. description: Size is the number of bytes in the file.
format: int64 format: int64
type: integer type: integer
url: url:
description: URL is the HTTP address of the Artifact as exposed description: |-
by the controller managing the Source. It can be used to retrieve URL is the HTTP address of the Artifact as exposed by the controller
the Artifact for consumption, e.g. by another controller applying managing the Source. It can be used to retrieve the Artifact for
the Artifact contents. consumption, e.g. by another controller applying the Artifact contents.
type: string type: string
required: required:
- lastUpdateTime - lastUpdateTime
@ -267,42 +298,42 @@ spec:
description: Conditions holds the conditions for the OCIRepository. description: Conditions holds the conditions for the OCIRepository.
items: items:
description: "Condition contains details for one aspect of the current description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct state of this API Resource.\n---\nThis struct is intended for
use as an array at the field path .status.conditions. For example, direct use as an array at the field path .status.conditions. For
\n type FooStatus struct{ // Represents the observations of a example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
foo's current state. // Known .status.conditions.type are: \"Available\", observations of a foo's current state.\n\t // Known .status.conditions.type
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
// +listType=map // +listMapKey=type Conditions []metav1.Condition +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
\ // other fields\n\t}"
properties: properties:
lastTransitionTime: lastTransitionTime:
description: lastTransitionTime is the last time the condition description: |-
transitioned from one status to another. This should be when lastTransitionTime is the last time the condition transitioned from one status to another.
the underlying condition changed. If that is not known, then This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
using the time when the API field changed is acceptable.
format: date-time format: date-time
type: string type: string
message: message:
description: message is a human readable message indicating description: |-
details about the transition. This may be an empty string. message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768 maxLength: 32768
type: string type: string
observedGeneration: observedGeneration:
description: observedGeneration represents the .metadata.generation description: |-
that the condition was set based upon. For instance, if .metadata.generation observedGeneration represents the .metadata.generation that the condition was set based upon.
is currently 12, but the .status.conditions[x].observedGeneration For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
is 9, the condition is out of date with respect to the current with respect to the current state of the instance.
state of the instance.
format: int64 format: int64
minimum: 0 minimum: 0
type: integer type: integer
reason: reason:
description: reason contains a programmatic identifier indicating description: |-
the reason for the condition's last transition. Producers reason contains a programmatic identifier indicating the reason for the condition's last transition.
of specific condition types may define expected values and Producers of specific condition types may define expected values and meanings for this field,
meanings for this field, and whether the values are considered and whether the values are considered a guaranteed API.
a guaranteed API. The value should be a CamelCase string. The value should be a CamelCase string.
This field may not be empty. This field may not be empty.
maxLength: 1024 maxLength: 1024
minLength: 1 minLength: 1
@ -316,11 +347,12 @@ spec:
- Unknown - Unknown
type: string type: string
type: type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. description: |-
--- Many .condition.type values are consistent across resources type of condition in CamelCase or in foo.example.com/CamelCase.
like Available, but because arbitrary conditions can be useful ---
(see .node.status.conditions), the ability to deconflict is Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) useful (see .node.status.conditions), the ability to deconflict is important.
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316 maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string type: string
@ -333,42 +365,52 @@ spec:
type: object type: object
type: array type: array
contentConfigChecksum: contentConfigChecksum:
description: "ContentConfigChecksum is a checksum of all the configurations description: |-
related to the content of the source artifact: - .spec.ignore - ContentConfigChecksum is a checksum of all the configurations related to
.spec.layerSelector observed in .status.observedGeneration version the content of the source artifact:
of the object. This can be used to determine if the content configuration - .spec.ignore
has changed and the artifact needs to be rebuilt. It has the format - .spec.layerSelector
of `<algo>:<checksum>`, for example: `sha256:<checksum>`. \n Deprecated: observed in .status.observedGeneration version of the object. This can
Replaced with explicit fields for observed artifact content config be used to determine if the content configuration has changed and the
in the status." artifact needs to be rebuilt.
It has the format of `<algo>:<checksum>`, for example: `sha256:<checksum>`.
Deprecated: Replaced with explicit fields for observed artifact content
config in the status.
type: string type: string
lastHandledReconcileAt: lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent description: |-
reconcile request value, so a change of the annotation value can LastHandledReconcileAt holds the value of the most recent
be detected. reconcile request value, so a change of the annotation value
can be detected.
type: string type: string
observedGeneration: observedGeneration:
description: ObservedGeneration is the last observed generation. description: ObservedGeneration is the last observed generation.
format: int64 format: int64
type: integer type: integer
observedIgnore: observedIgnore:
description: ObservedIgnore is the observed exclusion patterns used description: |-
for constructing the source artifact. ObservedIgnore is the observed exclusion patterns used for constructing
the source artifact.
type: string type: string
observedLayerSelector: observedLayerSelector:
description: ObservedLayerSelector is the observed layer selector description: |-
used for constructing the source artifact. ObservedLayerSelector is the observed layer selector used for constructing
the source artifact.
properties: properties:
mediaType: mediaType:
description: MediaType specifies the OCI media type of the layer description: |-
which should be extracted from the OCI Artifact. The first layer MediaType specifies the OCI media type of the layer
matching this type is selected. which should be extracted from the OCI Artifact. The
first layer matching this type is selected.
type: string type: string
operation: operation:
description: Operation specifies how the selected layer should description: |-
be processed. By default, the layer compressed content is extracted Operation specifies how the selected layer should be processed.
to storage. When the operation is set to 'copy', the layer compressed By default, the layer compressed content is extracted to storage.
content is persisted to storage as it is. When the operation is set to 'copy', the layer compressed content
is persisted to storage as it is.
enum: enum:
- extract - extract
- copy - copy