From 15173e78a392172a95ea5ed44e1ebd92e192bdca Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Wed, 3 Dec 2025 04:59:57 +0000 Subject: [PATCH] Automated Manifest Update (#2189) This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow. Reviewed-on: https://gitea.alexlebens.dev/alexlebens/infrastructure/pulls/2189 Co-authored-by: gitea-bot Co-committed-by: gitea-bot --- clusters/cl01tl/manifests/argocd/argocd.yaml | 29366 ++++++++++++++++ .../cl01tl/manifests/backrest/backrest.yaml | 42 +- clusters/cl01tl/manifests/cilium/cilium.yaml | 16 +- clusters/cl01tl/manifests/harbor/harbor.yaml | 8 +- clusters/cl01tl/manifests/komodo/komodo.yaml | 102 +- .../matrix-synapse/matrix-synapse.yaml | 4 +- .../manifests/qbittorrent/qbittorrent.yaml | 260 +- .../manifests/s3-exporter/s3-exporter.yaml | 264 +- clusters/cl01tl/manifests/slskd/slskd.yaml | 144 +- clusters/cl01tl/manifests/talos/talos.yaml | 144 +- clusters/cl01tl/manifests/tdarr/tdarr.yaml | 4 +- clusters/cl01tl/manifests/vault/vault.yaml | 96 +- 12 files changed, 29908 insertions(+), 542 deletions(-) create mode 100644 clusters/cl01tl/manifests/argocd/argocd.yaml diff --git a/clusters/cl01tl/manifests/argocd/argocd.yaml b/clusters/cl01tl/manifests/argocd/argocd.yaml new file mode 100644 index 000000000..570a65845 --- /dev/null +++ b/clusters/cl01tl/manifests/argocd/argocd.yaml @@ -0,0 +1,29366 @@ +--- +# Source: argocd/charts/argo-cd/charts/redis-ha/templates/redis-ha-serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: argocd-redis-ha + namespace: "argocd" + labels: + heritage: Helm + release: argocd + chart: redis-ha-4.34.11 + app: argocd-redis-ha +--- +# Source: argocd/charts/argo-cd/charts/redis-ha/templates/redis-haproxy-serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: argocd-redis-ha-haproxy + namespace: "argocd" + labels: + heritage: Helm + release: argocd + chart: redis-ha-4.34.11 + app: argocd-redis-ha +--- +# Source: argocd/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: argocd-application-controller + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-application-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: application-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +--- +# Source: argocd/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: argocd-applicationset-controller + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-applicationset-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: applicationset-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +--- +# Source: argocd/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: argocd-notifications-controller + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: notifications-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +--- +# Source: argocd/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: argocd-repo-server + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: repo-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +--- +# Source: argocd/charts/argo-cd/templates/argocd-server/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: argocd-server + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +--- +# Source: argocd/charts/argo-cd/templates/dex/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: argocd-dex-server + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-dex-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: dex-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +--- +# Source: argocd/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: argocd-secret + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-secret + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +type: Opaque +--- +# Source: argocd/charts/argo-cd/charts/redis-ha/templates/redis-ha-configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-redis-ha-configmap + namespace: "argocd" + labels: + heritage: Helm + release: argocd + chart: redis-ha-4.34.11 + app: argocd-redis-ha +data: + redis.conf: | + dir "/data" + port 6379 + rename-command FLUSHDB "" + rename-command FLUSHALL "" + maxmemory 0 + maxmemory-policy volatile-lru + min-replicas-max-lag 5 + min-replicas-to-write 1 + rdbchecksum yes + rdbcompression yes + repl-diskless-sync yes + save "" + + sentinel.conf: | + dir "/data" + port 26379 + sentinel down-after-milliseconds argocd 10000 + sentinel failover-timeout argocd 180000 + maxclients 10000 + sentinel parallel-syncs argocd 5 + + init.sh: | + echo "$(date) Start..." + HOSTNAME="$(hostname)" + INDEX="${HOSTNAME##*-}" + SENTINEL_PORT=26379 + ANNOUNCE_IP='' + MASTER='' + MASTER_GROUP="argocd" + QUORUM="2" + REDIS_CONF=/data/conf/redis.conf + REDIS_PORT=6379 + REDIS_TLS_PORT= + SENTINEL_CONF=/data/conf/sentinel.conf + SENTINEL_TLS_PORT= + SERVICE=argocd-redis-ha + SENTINEL_TLS_REPLICATION_ENABLED=false + REDIS_TLS_REPLICATION_ENABLED=false + + set -eu + sentinel_get_master() { + set +e + if [ "$SENTINEL_PORT" -eq 0 ]; then + redis-cli -h "${SERVICE}" -p "${SENTINEL_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key sentinel get-master-addr-by-name "${MASTER_GROUP}" |\ + grep -E '((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?s*$))' + else + redis-cli -h "${SERVICE}" -p "${SENTINEL_PORT}" sentinel get-master-addr-by-name "${MASTER_GROUP}" |\ + grep -E '((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?s*$))' + fi + set -e + } + + sentinel_get_master_retry() { + master='' + retry=${1} + sleep=3 + for i in $(seq 1 "${retry}"); do + master=$(sentinel_get_master) + if [ -n "${master}" ]; then + break + fi + sleep $((sleep + i)) + done + echo "${master}" + } + + identify_master() { + echo "Identifying redis master (get-master-addr-by-name).." + echo " using sentinel (argocd-redis-ha), sentinel group name (argocd)" + MASTER="$(sentinel_get_master_retry 3)" + if [ -n "${MASTER}" ]; then + echo " $(date) Found redis master (${MASTER})" + else + echo " $(date) Did not find redis master (${MASTER})" + fi + } + + sentinel_update() { + echo "Updating sentinel config.." + echo " evaluating sentinel id (\${SENTINEL_ID_${INDEX}})" + eval MY_SENTINEL_ID="\$SENTINEL_ID_${INDEX}" + echo " sentinel id (${MY_SENTINEL_ID}), sentinel grp (${MASTER_GROUP}), quorum (${QUORUM})" + sed -i "1s/^/sentinel myid ${MY_SENTINEL_ID}\\n/" "${SENTINEL_CONF}" + if [ "$SENTINEL_TLS_REPLICATION_ENABLED" = true ]; then + echo " redis master (${1}:${REDIS_TLS_PORT})" + sed -i "2s/^/sentinel monitor ${MASTER_GROUP} ${1} ${REDIS_TLS_PORT} ${QUORUM} \\n/" "${SENTINEL_CONF}" + else + echo " redis master (${1}:${REDIS_PORT})" + sed -i "2s/^/sentinel monitor ${MASTER_GROUP} ${1} ${REDIS_PORT} ${QUORUM} \\n/" "${SENTINEL_CONF}" + fi + echo "sentinel announce-ip ${ANNOUNCE_IP}" >> ${SENTINEL_CONF} + if [ "$SENTINEL_PORT" -eq 0 ]; then + echo " announce (${ANNOUNCE_IP}:${SENTINEL_TLS_PORT})" + echo "sentinel announce-port ${SENTINEL_TLS_PORT}" >> ${SENTINEL_CONF} + else + echo " announce (${ANNOUNCE_IP}:${SENTINEL_PORT})" + echo "sentinel announce-port ${SENTINEL_PORT}" >> ${SENTINEL_CONF} + fi + } + + redis_update() { + echo "Updating redis config.." + if [ "$REDIS_TLS_REPLICATION_ENABLED" = true ]; then + echo " we are slave of redis master (${1}:${REDIS_TLS_PORT})" + echo "slaveof ${1} ${REDIS_TLS_PORT}" >> "${REDIS_CONF}" + echo "slave-announce-port ${REDIS_TLS_PORT}" >> ${REDIS_CONF} + else + echo " we are slave of redis master (${1}:${REDIS_PORT})" + echo "slaveof ${1} ${REDIS_PORT}" >> "${REDIS_CONF}" + echo "slave-announce-port ${REDIS_PORT}" >> ${REDIS_CONF} + fi + echo "slave-announce-ip ${ANNOUNCE_IP}" >> ${REDIS_CONF} + } + + copy_config() { + echo "Copying default redis config.." + echo " to '${REDIS_CONF}'" + cp /readonly-config/redis.conf "${REDIS_CONF}" + echo "Copying default sentinel config.." + echo " to '${SENTINEL_CONF}'" + cp /readonly-config/sentinel.conf "${SENTINEL_CONF}" + } + + setup_defaults() { + echo "Setting up defaults.." + echo " using statefulset index (${INDEX})" + if [ "${INDEX}" = "0" ]; then + echo "Setting this pod as master for redis and sentinel.." + echo " using announce (${ANNOUNCE_IP})" + redis_update "${ANNOUNCE_IP}" + sentinel_update "${ANNOUNCE_IP}" + echo " make sure ${ANNOUNCE_IP} is not a slave (slaveof no one)" + sed -i "s/^.*slaveof.*//" "${REDIS_CONF}" + else + echo "Getting redis master ip.." + echo " blindly assuming (${SERVICE}-announce-0) or (${SERVICE}-server-0) are master" + DEFAULT_MASTER="$(getent_hosts 0 | awk '{ print $1 }')" + if [ -z "${DEFAULT_MASTER}" ]; then + echo "Error: Unable to resolve redis master (getent hosts)." + exit 1 + fi + echo " identified redis (may be redis master) ip (${DEFAULT_MASTER})" + echo "Setting default slave config for redis and sentinel.." + echo " using master ip (${DEFAULT_MASTER})" + redis_update "${DEFAULT_MASTER}" + sentinel_update "${DEFAULT_MASTER}" + fi + } + + redis_ping() { + set +e + if [ "$REDIS_PORT" -eq 0 ]; then + redis-cli -h "${MASTER}" -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key ping + else + redis-cli -h "${MASTER}" -p "${REDIS_PORT}" ping + fi + set -e + } + + redis_ping_retry() { + ping='' + retry=${1} + sleep=3 + for i in $(seq 1 "${retry}"); do + if [ "$(redis_ping)" = "PONG" ]; then + ping='PONG' + break + fi + sleep $((sleep + i)) + MASTER=$(sentinel_get_master) + done + echo "${ping}" + } + + find_master() { + echo "Verifying redis master.." + if [ "$REDIS_PORT" -eq 0 ]; then + echo " ping (${MASTER}:${REDIS_TLS_PORT})" + else + echo " ping (${MASTER}:${REDIS_PORT})" + fi + if [ "$(redis_ping_retry 3)" != "PONG" ]; then + echo " $(date) Can't ping redis master (${MASTER})" + echo "Attempting to force failover (sentinel failover).." + + if [ "$SENTINEL_PORT" -eq 0 ]; then + echo " on sentinel (${SERVICE}:${SENTINEL_TLS_PORT}), sentinel grp (${MASTER_GROUP})" + if redis-cli -h "${SERVICE}" -p "${SENTINEL_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then + echo " $(date) Failover returned with 'NOGOODSLAVE'" + echo "Setting defaults for this pod.." + setup_defaults + return 0 + fi + else + echo " on sentinel (${SERVICE}:${SENTINEL_PORT}), sentinel grp (${MASTER_GROUP})" + if redis-cli -h "${SERVICE}" -p "${SENTINEL_PORT}" sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then + echo " $(date) Failover returned with 'NOGOODSLAVE'" + echo "Setting defaults for this pod.." + setup_defaults + return 0 + fi + fi + + echo "Hold on for 10sec" + sleep 10 + echo "We should get redis master's ip now. Asking (get-master-addr-by-name).." + if [ "$SENTINEL_PORT" -eq 0 ]; then + echo " sentinel (${SERVICE}:${SENTINEL_TLS_PORT}), sentinel grp (${MASTER_GROUP})" + else + echo " sentinel (${SERVICE}:${SENTINEL_PORT}), sentinel grp (${MASTER_GROUP})" + fi + MASTER="$(sentinel_get_master)" + if [ "${MASTER}" ]; then + echo " $(date) Found redis master (${MASTER})" + echo "Updating redis and sentinel config.." + sentinel_update "${MASTER}" + redis_update "${MASTER}" + else + echo "$(date) Error: Could not failover, exiting..." + exit 1 + fi + else + echo " $(date) Found reachable redis master (${MASTER})" + echo "Updating redis and sentinel config.." + sentinel_update "${MASTER}" + redis_update "${MASTER}" + fi + } + + redis_ro_update() { + echo "Updating read-only redis config.." + echo " redis.conf set 'replica-priority 0'" + echo "replica-priority 0" >> ${REDIS_CONF} + } + + getent_hosts() { + index=${1:-${INDEX}} + service="${SERVICE}-announce-${index}" + host=$(getent hosts "${service}") + echo "${host}" + } + + identify_announce_ip() { + echo "Identify announce ip for this pod.." + echo " using (${SERVICE}-announce-${INDEX}) or (${SERVICE}-server-${INDEX})" + ANNOUNCE_IP=$(getent_hosts | awk '{ print $1 }') + echo " identified announce (${ANNOUNCE_IP})" + } + + mkdir -p /data/conf/ + + echo "Initializing config.." + copy_config + + # where is redis master + identify_master + + identify_announce_ip + + if [ -z "${ANNOUNCE_IP}" ]; then + "Error: Could not resolve the announce ip for this pod" + exit 1 + elif [ "${MASTER}" ]; then + find_master + else + setup_defaults + fi + + if [ "${AUTH:-}" ]; then + echo "Setting redis auth values.." + ESCAPED_AUTH=$(echo "${AUTH}" | sed -e 's/[\/&]/\\&/g'); + sed -i "s/replace-default-auth/${ESCAPED_AUTH}/" "${REDIS_CONF}" "${SENTINEL_CONF}" + fi + + if [ "${SENTINELAUTH:-}" ]; then + echo "Setting sentinel auth values" + ESCAPED_AUTH_SENTINEL=$(echo "$SENTINELAUTH" | sed -e 's/[\/&]/\\&/g'); + sed -i "s/replace-default-sentinel-auth/${ESCAPED_AUTH_SENTINEL}/" "$SENTINEL_CONF" + fi + + echo "$(date) Ready..." + + fix-split-brain.sh: | + HOSTNAME="$(hostname)" + INDEX="${HOSTNAME##*-}" + SENTINEL_PORT=26379 + ANNOUNCE_IP='' + MASTER='' + MASTER_GROUP="argocd" + QUORUM="2" + REDIS_CONF=/data/conf/redis.conf + REDIS_PORT=6379 + REDIS_TLS_PORT= + SENTINEL_CONF=/data/conf/sentinel.conf + SENTINEL_TLS_PORT= + SERVICE=argocd-redis-ha + SENTINEL_TLS_REPLICATION_ENABLED=false + REDIS_TLS_REPLICATION_ENABLED=false + + ROLE='' + REDIS_MASTER='' + + set -eu + sentinel_get_master() { + set +e + if [ "$SENTINEL_PORT" -eq 0 ]; then + redis-cli -h "${SERVICE}" -p "${SENTINEL_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key sentinel get-master-addr-by-name "${MASTER_GROUP}" |\ + grep -E '((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?s*$))' + else + redis-cli -h "${SERVICE}" -p "${SENTINEL_PORT}" sentinel get-master-addr-by-name "${MASTER_GROUP}" |\ + grep -E '((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?s*$))' + fi + set -e + } + + sentinel_get_master_retry() { + master='' + retry=${1} + sleep=3 + for i in $(seq 1 "${retry}"); do + master=$(sentinel_get_master) + if [ -n "${master}" ]; then + break + fi + sleep $((sleep + i)) + done + echo "${master}" + } + + identify_master() { + echo "Identifying redis master (get-master-addr-by-name).." + echo " using sentinel (argocd-redis-ha), sentinel group name (argocd)" + MASTER="$(sentinel_get_master_retry 3)" + if [ -n "${MASTER}" ]; then + echo " $(date) Found redis master (${MASTER})" + else + echo " $(date) Did not find redis master (${MASTER})" + fi + } + + sentinel_update() { + echo "Updating sentinel config.." + echo " evaluating sentinel id (\${SENTINEL_ID_${INDEX}})" + eval MY_SENTINEL_ID="\$SENTINEL_ID_${INDEX}" + echo " sentinel id (${MY_SENTINEL_ID}), sentinel grp (${MASTER_GROUP}), quorum (${QUORUM})" + sed -i "1s/^/sentinel myid ${MY_SENTINEL_ID}\\n/" "${SENTINEL_CONF}" + if [ "$SENTINEL_TLS_REPLICATION_ENABLED" = true ]; then + echo " redis master (${1}:${REDIS_TLS_PORT})" + sed -i "2s/^/sentinel monitor ${MASTER_GROUP} ${1} ${REDIS_TLS_PORT} ${QUORUM} \\n/" "${SENTINEL_CONF}" + else + echo " redis master (${1}:${REDIS_PORT})" + sed -i "2s/^/sentinel monitor ${MASTER_GROUP} ${1} ${REDIS_PORT} ${QUORUM} \\n/" "${SENTINEL_CONF}" + fi + echo "sentinel announce-ip ${ANNOUNCE_IP}" >> ${SENTINEL_CONF} + if [ "$SENTINEL_PORT" -eq 0 ]; then + echo " announce (${ANNOUNCE_IP}:${SENTINEL_TLS_PORT})" + echo "sentinel announce-port ${SENTINEL_TLS_PORT}" >> ${SENTINEL_CONF} + else + echo " announce (${ANNOUNCE_IP}:${SENTINEL_PORT})" + echo "sentinel announce-port ${SENTINEL_PORT}" >> ${SENTINEL_CONF} + fi + } + + redis_update() { + echo "Updating redis config.." + if [ "$REDIS_TLS_REPLICATION_ENABLED" = true ]; then + echo " we are slave of redis master (${1}:${REDIS_TLS_PORT})" + echo "slaveof ${1} ${REDIS_TLS_PORT}" >> "${REDIS_CONF}" + echo "slave-announce-port ${REDIS_TLS_PORT}" >> ${REDIS_CONF} + else + echo " we are slave of redis master (${1}:${REDIS_PORT})" + echo "slaveof ${1} ${REDIS_PORT}" >> "${REDIS_CONF}" + echo "slave-announce-port ${REDIS_PORT}" >> ${REDIS_CONF} + fi + echo "slave-announce-ip ${ANNOUNCE_IP}" >> ${REDIS_CONF} + } + + copy_config() { + echo "Copying default redis config.." + echo " to '${REDIS_CONF}'" + cp /readonly-config/redis.conf "${REDIS_CONF}" + echo "Copying default sentinel config.." + echo " to '${SENTINEL_CONF}'" + cp /readonly-config/sentinel.conf "${SENTINEL_CONF}" + } + + setup_defaults() { + echo "Setting up defaults.." + echo " using statefulset index (${INDEX})" + if [ "${INDEX}" = "0" ]; then + echo "Setting this pod as master for redis and sentinel.." + echo " using announce (${ANNOUNCE_IP})" + redis_update "${ANNOUNCE_IP}" + sentinel_update "${ANNOUNCE_IP}" + echo " make sure ${ANNOUNCE_IP} is not a slave (slaveof no one)" + sed -i "s/^.*slaveof.*//" "${REDIS_CONF}" + else + echo "Getting redis master ip.." + echo " blindly assuming (${SERVICE}-announce-0) or (${SERVICE}-server-0) are master" + DEFAULT_MASTER="$(getent_hosts 0 | awk '{ print $1 }')" + if [ -z "${DEFAULT_MASTER}" ]; then + echo "Error: Unable to resolve redis master (getent hosts)." + exit 1 + fi + echo " identified redis (may be redis master) ip (${DEFAULT_MASTER})" + echo "Setting default slave config for redis and sentinel.." + echo " using master ip (${DEFAULT_MASTER})" + redis_update "${DEFAULT_MASTER}" + sentinel_update "${DEFAULT_MASTER}" + fi + } + + redis_ping() { + set +e + if [ "$REDIS_PORT" -eq 0 ]; then + redis-cli -h "${MASTER}" -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key ping + else + redis-cli -h "${MASTER}" -p "${REDIS_PORT}" ping + fi + set -e + } + + redis_ping_retry() { + ping='' + retry=${1} + sleep=3 + for i in $(seq 1 "${retry}"); do + if [ "$(redis_ping)" = "PONG" ]; then + ping='PONG' + break + fi + sleep $((sleep + i)) + MASTER=$(sentinel_get_master) + done + echo "${ping}" + } + + find_master() { + echo "Verifying redis master.." + if [ "$REDIS_PORT" -eq 0 ]; then + echo " ping (${MASTER}:${REDIS_TLS_PORT})" + else + echo " ping (${MASTER}:${REDIS_PORT})" + fi + if [ "$(redis_ping_retry 3)" != "PONG" ]; then + echo " $(date) Can't ping redis master (${MASTER})" + echo "Attempting to force failover (sentinel failover).." + + if [ "$SENTINEL_PORT" -eq 0 ]; then + echo " on sentinel (${SERVICE}:${SENTINEL_TLS_PORT}), sentinel grp (${MASTER_GROUP})" + if redis-cli -h "${SERVICE}" -p "${SENTINEL_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then + echo " $(date) Failover returned with 'NOGOODSLAVE'" + echo "Setting defaults for this pod.." + setup_defaults + return 0 + fi + else + echo " on sentinel (${SERVICE}:${SENTINEL_PORT}), sentinel grp (${MASTER_GROUP})" + if redis-cli -h "${SERVICE}" -p "${SENTINEL_PORT}" sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then + echo " $(date) Failover returned with 'NOGOODSLAVE'" + echo "Setting defaults for this pod.." + setup_defaults + return 0 + fi + fi + + echo "Hold on for 10sec" + sleep 10 + echo "We should get redis master's ip now. Asking (get-master-addr-by-name).." + if [ "$SENTINEL_PORT" -eq 0 ]; then + echo " sentinel (${SERVICE}:${SENTINEL_TLS_PORT}), sentinel grp (${MASTER_GROUP})" + else + echo " sentinel (${SERVICE}:${SENTINEL_PORT}), sentinel grp (${MASTER_GROUP})" + fi + MASTER="$(sentinel_get_master)" + if [ "${MASTER}" ]; then + echo " $(date) Found redis master (${MASTER})" + echo "Updating redis and sentinel config.." + sentinel_update "${MASTER}" + redis_update "${MASTER}" + else + echo "$(date) Error: Could not failover, exiting..." + exit 1 + fi + else + echo " $(date) Found reachable redis master (${MASTER})" + echo "Updating redis and sentinel config.." + sentinel_update "${MASTER}" + redis_update "${MASTER}" + fi + } + + redis_ro_update() { + echo "Updating read-only redis config.." + echo " redis.conf set 'replica-priority 0'" + echo "replica-priority 0" >> ${REDIS_CONF} + } + + getent_hosts() { + index=${1:-${INDEX}} + service="${SERVICE}-announce-${index}" + host=$(getent hosts "${service}") + echo "${host}" + } + + identify_announce_ip() { + echo "Identify announce ip for this pod.." + echo " using (${SERVICE}-announce-${INDEX}) or (${SERVICE}-server-${INDEX})" + ANNOUNCE_IP=$(getent_hosts | awk '{ print $1 }') + echo " identified announce (${ANNOUNCE_IP})" + } + + redis_role() { + set +e + if [ "$REDIS_PORT" -eq 0 ]; then + ROLE=$(redis-cli -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key info | grep role | sed 's/role://' | sed 's/\r//') + else + ROLE=$(redis-cli -p "${REDIS_PORT}" info | grep role | sed 's/role://' | sed 's/\r//') + fi + set -e + } + + identify_redis_master() { + set +e + if [ "$REDIS_PORT" -eq 0 ]; then + REDIS_MASTER=$(redis-cli -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key info | grep master_host | sed 's/master_host://' | sed 's/\r//') + else + REDIS_MASTER=$(redis-cli -p "${REDIS_PORT}" info | grep master_host | sed 's/master_host://' | sed 's/\r//') + fi + set -e + } + + reinit() { + set +e + sh /readonly-config/init.sh + + if [ "$REDIS_PORT" -eq 0 ]; then + echo "shutdown" | redis-cli -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key + else + echo "shutdown" | redis-cli -p "${REDIS_PORT}" + fi + set -e + } + + identify_announce_ip + + while [ -z "${ANNOUNCE_IP}" ]; do + echo "Error: Could not resolve the announce ip for this pod." + sleep 30 + identify_announce_ip + done + + trap "exit 0" TERM + while true; do + sleep 60 + + # where is redis master + identify_master + + if [ "$MASTER" = "$ANNOUNCE_IP" ]; then + redis_role + if [ "$ROLE" != "master" ]; then + echo "waiting for redis to become master" + sleep 10 + identify_master + redis_role + echo "Redis role is $ROLE, expected role is master. No need to reinitialize." + if [ "$ROLE" != "master" ]; then + echo "Redis role is $ROLE, expected role is master, reinitializing" + reinit + fi + fi + elif [ "${MASTER}" ]; then + identify_redis_master + if [ "$REDIS_MASTER" != "$MASTER" ]; then + echo "Redis master and local master are not the same. waiting." + sleep 10 + identify_master + identify_redis_master + echo "Redis master is ${MASTER}, expected master is ${REDIS_MASTER}. No need to reinitialize." + if [ "${REDIS_MASTER}" != "${MASTER}" ]; then + echo "Redis master is ${MASTER}, expected master is ${REDIS_MASTER}, reinitializing" + reinit + fi + fi + fi + done + + + haproxy.cfg: | + defaults REDIS + mode tcp + timeout connect 4s + timeout server 330s + timeout client 330s + timeout check 2s + + listen health_check_http_url + bind [::]:8888 v4v6 + mode http + monitor-uri /healthz + option dontlognull + # Check Sentinel and whether they are nominated master + backend check_if_redis_is_master_0 + mode tcp + option tcp-check + tcp-check connect + tcp-check send PING\r\n + tcp-check expect string +PONG + tcp-check send SENTINEL\ get-master-addr-by-name\ argocd\r\n + tcp-check expect string REPLACE_ANNOUNCE0 + tcp-check send QUIT\r\n + server R0 argocd-redis-ha-announce-0:26379 check inter 1s + server R1 argocd-redis-ha-announce-1:26379 check inter 1s + server R2 argocd-redis-ha-announce-2:26379 check inter 1s + # Check Sentinel and whether they are nominated master + backend check_if_redis_is_master_1 + mode tcp + option tcp-check + tcp-check connect + tcp-check send PING\r\n + tcp-check expect string +PONG + tcp-check send SENTINEL\ get-master-addr-by-name\ argocd\r\n + tcp-check expect string REPLACE_ANNOUNCE1 + tcp-check send QUIT\r\n + server R0 argocd-redis-ha-announce-0:26379 check inter 1s + server R1 argocd-redis-ha-announce-1:26379 check inter 1s + server R2 argocd-redis-ha-announce-2:26379 check inter 1s + # Check Sentinel and whether they are nominated master + backend check_if_redis_is_master_2 + mode tcp + option tcp-check + tcp-check connect + tcp-check send PING\r\n + tcp-check expect string +PONG + tcp-check send SENTINEL\ get-master-addr-by-name\ argocd\r\n + tcp-check expect string REPLACE_ANNOUNCE2 + tcp-check send QUIT\r\n + server R0 argocd-redis-ha-announce-0:26379 check inter 1s + server R1 argocd-redis-ha-announce-1:26379 check inter 1s + server R2 argocd-redis-ha-announce-2:26379 check inter 1s + + # decide redis backend to use + #master + frontend ft_redis_master + bind [::]:6379 v4v6 + use_backend bk_redis_master + # Check all redis servers to see if they think they are master + backend bk_redis_master + mode tcp + option tcp-check + tcp-check connect + tcp-check send PING\r\n + tcp-check expect string +PONG + tcp-check send info\ replication\r\n + tcp-check expect string role:master + tcp-check send QUIT\r\n + tcp-check expect string +OK + use-server R0 if { srv_is_up(R0) } { nbsrv(check_if_redis_is_master_0) ge 2 } + server R0 argocd-redis-ha-announce-0:6379 check inter 1s fall 1 rise 1 + use-server R1 if { srv_is_up(R1) } { nbsrv(check_if_redis_is_master_1) ge 2 } + server R1 argocd-redis-ha-announce-1:6379 check inter 1s fall 1 rise 1 + use-server R2 if { srv_is_up(R2) } { nbsrv(check_if_redis_is_master_2) ge 2 } + server R2 argocd-redis-ha-announce-2:6379 check inter 1s fall 1 rise 1 + frontend stats + mode http + bind [::]:9101 v4v6 + http-request use-service prometheus-exporter if { path /metrics } + stats enable + stats uri /stats + stats refresh 10s + haproxy_init.sh: | + HAPROXY_CONF=/data/haproxy.cfg + cp /readonly/haproxy.cfg "$HAPROXY_CONF" + for loop in $(seq 1 10); do + getent hosts argocd-redis-ha-announce-0 && break + echo "Waiting for service argocd-redis-ha-announce-0 to be ready ($loop) ..." && sleep 1 + done + ANNOUNCE_IP0=$(getent hosts "argocd-redis-ha-announce-0" | awk '{ print $1 }') + if [ -z "$ANNOUNCE_IP0" ]; then + echo "Could not resolve the announce ip for argocd-redis-ha-announce-0" + exit 1 + fi + sed -i "s/REPLACE_ANNOUNCE0/$ANNOUNCE_IP0/" "$HAPROXY_CONF" + for loop in $(seq 1 10); do + getent hosts argocd-redis-ha-announce-1 && break + echo "Waiting for service argocd-redis-ha-announce-1 to be ready ($loop) ..." && sleep 1 + done + ANNOUNCE_IP1=$(getent hosts "argocd-redis-ha-announce-1" | awk '{ print $1 }') + if [ -z "$ANNOUNCE_IP1" ]; then + echo "Could not resolve the announce ip for argocd-redis-ha-announce-1" + exit 1 + fi + sed -i "s/REPLACE_ANNOUNCE1/$ANNOUNCE_IP1/" "$HAPROXY_CONF" + for loop in $(seq 1 10); do + getent hosts argocd-redis-ha-announce-2 && break + echo "Waiting for service argocd-redis-ha-announce-2 to be ready ($loop) ..." && sleep 1 + done + ANNOUNCE_IP2=$(getent hosts "argocd-redis-ha-announce-2" | awk '{ print $1 }') + if [ -z "$ANNOUNCE_IP2" ]; then + echo "Could not resolve the announce ip for argocd-redis-ha-announce-2" + exit 1 + fi + sed -i "s/REPLACE_ANNOUNCE2/$ANNOUNCE_IP2/" "$HAPROXY_CONF" + trigger-failover-if-master.sh: | + get_redis_role() { + is_master=$( + redis-cli \ + -h localhost \ + -p 6379 \ + info | grep -c 'role:master' || true + ) + } + get_redis_role + if [[ "$is_master" -eq 1 ]]; then + echo "This node is currently master, we trigger a failover." + response=$( + redis-cli \ + -h localhost \ + -p 26379 \ + SENTINEL failover argocd + ) + if [[ "$response" != "OK" ]] ; then + echo "$response" + exit 1 + fi + timeout=30 + while [[ "$is_master" -eq 1 && $timeout -gt 0 ]]; do + sleep 1 + get_redis_role + timeout=$((timeout - 1)) + done + echo "Failover successful" + fi +--- +# Source: argocd/charts/argo-cd/charts/redis-ha/templates/redis-ha-health-configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-redis-ha-health-configmap + namespace: "argocd" + labels: + heritage: Helm + release: argocd + chart: redis-ha-4.34.11 + app: argocd-redis-ha +data: + redis_liveness.sh: | + response=$( + redis-cli \ + -h localhost \ + -p 6379 \ + ping + ) + echo "response=$response" + case $response in + PONG|LOADING*) ;; + *) exit 1 ;; + esac + exit 0 + redis_readiness.sh: | + response=$( + redis-cli \ + -h localhost \ + -p 6379 \ + ping + ) + if [ "$response" != "PONG" ] ; then + echo "ping=$response" + exit 1 + fi + + response=$( + redis-cli \ + -h localhost \ + -p 6379 \ + role + ) + role=$( echo "$response" | sed "1!d" ) + if [ "$role" = "master" ]; then + echo "role=$role" + exit 0 + elif [ "$role" = "slave" ]; then + repl=$( echo "$response" | sed "4!d" ) + echo "role=$role; repl=$repl" + if [ "$repl" = "connected" ]; then + exit 0 + else + exit 1 + fi + else + echo "role=$role" + exit 1 + fi + sentinel_liveness.sh: | + response=$( + redis-cli \ + -h localhost \ + -p 26379 \ + ping + ) + if [ "$response" != "PONG" ]; then + echo "$response" + exit 1 + fi + echo "response=$response" +--- +# Source: argocd/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-cm + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-cm + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +data: + admin.enabled: "true" + application.instanceLabelKey: argocd.argoproj.io/instance + application.sync.impersonation.enabled: "false" + dex.config: | + connectors: + - config: + issuer: https://authentik.alexlebens.net/application/o/argocd/ + clientID: $argocd-oidc-secret:client + clientSecret: $argocd-oidc-secret:secret + insecureEnableGroups: true + scopes: + - openid + - profile + - email + name: authentik + type: oidc + id: authentik + exec.enabled: "false" + resource.customizations.ignoreResourceUpdates.ConfigMap: | + jqPathExpressions: + # Ignore the cluster-autoscaler status + - '.metadata.annotations."cluster-autoscaler.kubernetes.io/last-updated"' + # Ignore the annotation of the legacy Leases election + - '.metadata.annotations."control-plane.alpha.kubernetes.io/leader"' + resource.customizations.ignoreResourceUpdates.Endpoints: | + jsonPointers: + - /metadata + - /subsets + resource.customizations.ignoreResourceUpdates.all: | + jsonPointers: + - /status + resource.customizations.ignoreResourceUpdates.apps_ReplicaSet: | + jqPathExpressions: + - '.metadata.annotations."deployment.kubernetes.io/desired-replicas"' + - '.metadata.annotations."deployment.kubernetes.io/max-replicas"' + - '.metadata.annotations."rollout.argoproj.io/desired-replicas"' + resource.customizations.ignoreResourceUpdates.argoproj.io_Application: | + jqPathExpressions: + - '.metadata.annotations."notified.notifications.argoproj.io"' + - '.metadata.annotations."argocd.argoproj.io/refresh"' + - '.metadata.annotations."argocd.argoproj.io/hydrate"' + - '.operation' + resource.customizations.ignoreResourceUpdates.argoproj.io_Rollout: | + jqPathExpressions: + - '.metadata.annotations."notified.notifications.argoproj.io"' + resource.customizations.ignoreResourceUpdates.autoscaling_HorizontalPodAutoscaler: | + jqPathExpressions: + - '.metadata.annotations."autoscaling.alpha.kubernetes.io/behavior"' + - '.metadata.annotations."autoscaling.alpha.kubernetes.io/conditions"' + - '.metadata.annotations."autoscaling.alpha.kubernetes.io/metrics"' + - '.metadata.annotations."autoscaling.alpha.kubernetes.io/current-metrics"' + resource.customizations.ignoreResourceUpdates.discovery.k8s.io_EndpointSlice: | + jsonPointers: + - /metadata + - /endpoints + - /ports + resource.exclusions: | + ### Network resources created by the Kubernetes control plane and excluded to reduce the number of watched events and UI clutter + - apiGroups: + - '' + - discovery.k8s.io + kinds: + - Endpoints + - EndpointSlice + ### Internal Kubernetes resources excluded reduce the number of watched events + - apiGroups: + - coordination.k8s.io + kinds: + - Lease + ### Internal Kubernetes Authz/Authn resources excluded reduce the number of watched events + - apiGroups: + - authentication.k8s.io + - authorization.k8s.io + kinds: + - SelfSubjectReview + - TokenReview + - LocalSubjectAccessReview + - SelfSubjectAccessReview + - SelfSubjectRulesReview + - SubjectAccessReview + ### Intermediate Certificate Request excluded reduce the number of watched events + - apiGroups: + - certificates.k8s.io + kinds: + - CertificateSigningRequest + - apiGroups: + - cert-manager.io + kinds: + - CertificateRequest + ### Cilium internal resources excluded reduce the number of watched events and UI Clutter + - apiGroups: + - cilium.io + kinds: + - CiliumIdentity + - CiliumEndpoint + - CiliumEndpointSlice + ### Kyverno intermediate and reporting resources excluded reduce the number of watched events and improve performance + - apiGroups: + - kyverno.io + - reports.kyverno.io + - wgpolicyk8s.io + kinds: + - PolicyReport + - ClusterPolicyReport + - EphemeralReport + - ClusterEphemeralReport + - AdmissionReport + - ClusterAdmissionReport + - BackgroundScanReport + - ClusterBackgroundScanReport + - UpdateRequest + statusbadge.enabled: "true" + statusbadge.url: https://argocd.alexlebens.net/ + timeout.hard.reconciliation: 0s + timeout.reconciliation: 100s + timeout.reconciliation.jitter: 60s + url: https://argocd.alexlebens.net +--- +# Source: argocd/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-cmd-params-cm + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-cmd-params-cm + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +data: + applicationsetcontroller.enable.leader.election: "true" + applicationsetcontroller.log.format: text + applicationsetcontroller.log.level: info + commitserver.log.format: text + commitserver.log.level: info + controller.log.format: text + controller.log.level: info + dexserver.log.format: text + dexserver.log.level: info + notificationscontroller.log.format: text + notificationscontroller.log.level: info + redis.server: argocd-redis-ha-haproxy:6379 + repo.server: argocd-repo-server:8081 + reposerver.log.format: text + reposerver.log.level: info + server.dex.server: https://argocd-dex-server:5556 + server.dex.server.strict.tls: "false" + server.insecure: "true" + server.log.format: text + server.log.level: info + server.repo.server.strict.tls: "false" +--- +# Source: argocd/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-cmp-cm + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-cmp-cm + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: repo-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +data: + cdk8s.yaml: | + apiVersion: argoproj.io/v1alpha1 + kind: ConfigManagementPlugin + metadata: + name: cdk8s + spec: + discover: + fileName: '*.go' + generate: + args: + - --stdout + command: + - cdk8s + - synth + init: + args: + - import + command: + - cdk8s +--- +# Source: argocd/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-gpg-keys-cm + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-gpg-keys-cm + app.kubernetes.io/instance: argocd + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +--- +# Source: argocd/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-notifications-cm + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: notifications-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +data: + context: | + argocdUrl: https://argocd.example.com + argocdUrl: https://argocd.alexlebens.net + service.webhook.ntfy: | + url: http://ntfy.ntfy/ + headers: + - name: Authorization + value: Bearer $ntfy-token + subscriptions: | + - recipients: + - ntfy + triggers: + - on-created + - on-deleted + - on-deployed + - on-health-degraded + - on-sync-failed + - on-sync-running + - on-sync-status-unknown + - on-sync-succeeded + template.app-created: | + webhook: + ntfy: + method: POST + body: | + { + "topic": "argocd", + "message": "{{.app.metadata.name}} has been created.", + "title": "Created: {{.app.metadata.name}}", + "tags": ["building_construction"], + "priority": 4, + "click": "{{.context.argocdUrl}}/applications/argocd/{{.app.metadata.name}}" + } + template.app-deleted: | + webhook: + ntfy: + method: POST + body: | + { + "topic": "argocd", + "message": "{{.app.metadata.name}} has been deleted", + "title": "Deleted: {{.app.metadata.name}}", + "tags": ["warning"], + "priority": 4, + "click": "{{.context.argocdUrl}}" + } + template.app-deployed: | + webhook: + ntfy: + method: POST + body: | + { + "topic": "argocd", + "message": "{{.app.metadata.name}} is now running new version of deployments manifests", + "title": "Deployed: {{.app.metadata.name}}", + "tags": ["+1"], + "priority": 3, + "click": "{{.context.argocdUrl}}/applications/argocd/{{.app.metadata.name}}" + } + template.app-health-degraded: | + webhook: + ntfy: + method: POST + body: | + { + "topic": "argocd", + "message": "{{.app.metadata.name}} health has degraded", + "title": "Degraded: {{.app.metadata.name}}", + "tags": ["rotating_light"], + "priority": 4, + "click": "{{.context.argocdUrl}}/applications/argocd/{{.app.metadata.name}}" + } + template.app-sync-failed: | + webhook: + ntfy: + method: POST + body: | + { + "topic": "argocd", + "message": "{{.app.metadata.name}} sync has failed at {{.app.status.operationState.finishedAt}} with the following error: {{.app.status.operationState.message}}", + "title": "Sync Failed: {{.app.metadata.name}}", + "tags": ["rotating_light"], + "priority": 4, + "click": "{{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true" + } + template.app-sync-running: | + webhook: + ntfy: + method: POST + body: | + { + "topic": "argocd", + "message": "{{.app.metadata.name}} sync has started at {{.app.status.operationState.startedAt}}", + "title": "Sync Running: {{.app.metadata.name}}", + "tags": ["runner"], + "priority": 3, + "click": "{{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true" + } + template.app-sync-status-unknown: | + webhook: + ntfy: + method: POST + body: | + { + "topic": "argocd", + "message": "{{.app.metadata.name}} sync status is unknown", + "title": "Sync Unknown: {{.app.metadata.name}}", + "tags": ["question"], + "priority": 3, + "click": "{{.context.argocdUrl}}/applications/{{.app.metadata.name}}" + } + template.app-sync-succeeded: | + webhook: + ntfy: + method: POST + body: | + { + "topic": "argocd", + "message": "{{.app.metadata.name}} has been successfully synced at {{.app.status.operationState.finishedAt}}", + "title": "Sync Succeeded: {{.app.metadata.name}}", + "tags": ["+1"], + "priority": 3, + "click": "{{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true" + } + trigger.on-created: | + - description: Application {{.app.metadata.name}} has been created. + oncePer: app.metadata.name + send: + - app-created + when: "true" + trigger.on-deleted: | + - description: Application {{.app.metadata.name}} has been deleted. + oncePer: app.metadata.name + send: + - app-deleted + when: app.metadata.deletionTimestamp != nil + trigger.on-deployed: | + - description: Application is synced and healthy. Triggered once per commit. + oncePer: app.status.operationState.syncResult.revision + send: + - app-deployed + when: app.status.operationState.phase in ['Succeeded'] and app.status.health.status == 'Healthy' + trigger.on-health-degraded: | + - description: Application has degraded + send: + - app-health-degraded + when: app.status.health.status == 'Degraded' and time.Now().Sub(time.Parse(app.status.health.lastTransitionTime).Minutes() >= 15 + trigger.on-sync-failed: | + - description: Application syncing has failed + send: + - app-sync-failed + when: app.status.operationState.phase in ['Error', 'Failed'] + trigger.on-sync-running: | + - description: Application is being synced + send: + - app-sync-running + when: app.status.operationState.phase in ['Running'] + trigger.on-sync-status-unknown: | + - description: Application status is 'Unknown' + send: + - app-sync-status-unknown + when: app.status.sync.status == 'Unknown' + trigger.on-sync-succeeded: | + - description: Application syncing has succeeded + send: + - app-sync-succeeded + when: app.status.operationState.phase in ['Succeeded'] +--- +# Source: argocd/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-rbac-cm + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-rbac-cm + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +data: + policy.csv: | + g, ArgoCD Admins, role:admin + policy.default: "" + policy.matchMode: glob + scopes: '[groups]' +--- +# Source: argocd/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-ssh-known-hosts-cm + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-ssh-known-hosts-cm + app.kubernetes.io/instance: argocd + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +data: + ssh_known_hosts: | + [ssh.github.com]:443 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= + [ssh.github.com]:443 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl + [ssh.github.com]:443 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= + bitbucket.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE= + bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO + bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQeJzhupRu0u0cdegZIa8e86EG2qOCsIsD1Xw0xSeiPDlCr7kq97NLmMbpKTX6Esc30NuoqEEHCuc7yWtwp8dI76EEEB1VqY9QJq6vk+aySyboD5QF61I/1WeTwu+deCbgKMGbUijeXhtfbxSxm6JwGrXrhBdofTsbKRUsrN1WoNgUa8uqN1Vx6WAJw1JHPhglEGGHea6QICwJOAr/6mrui/oB7pkaWKHj3z7d1IC4KWLtY47elvjbaTlkN04Kc/5LFEirorGYVbt15kAUlqGM65pk6ZBxtaO3+30LVlORZkxOh+LKL/BvbZ/iRNhItLqNyieoQj/uh/7Iv4uyH/cV/0b4WDSd3DptigWq84lJubb9t/DnZlrJazxyDCulTmKdOR7vs9gMTo+uoIrPSb8ScTtvw65+odKAlBj59dhnVp9zd7QUojOpXlL62Aw56U4oO+FALuevvMjiWeavKhJqlR7i5n9srYcrNV7ttmDw7kf/97P5zauIhxcjX+xHv4M= + github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= + github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl + github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= + gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= + gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf + gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 + ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H +--- +# Source: argocd/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-tls-certs-cm + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-tls-certs-cm + app.kubernetes.io/instance: argocd + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +--- +# Source: argocd/charts/argo-cd/templates/crds/crd-application.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + labels: + app.kubernetes.io/name: applications.argoproj.io + app.kubernetes.io/part-of: argocd + name: applications.argoproj.io +spec: + group: argoproj.io + names: + kind: Application + listKind: ApplicationList + plural: applications + shortNames: + - app + - apps + singular: application + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.sync.status + name: Sync Status + type: string + - jsonPath: .status.health.status + name: Health Status + type: string + - jsonPath: .status.sync.revision + name: Revision + priority: 10 + type: string + - jsonPath: .spec.project + name: Project + priority: 10 + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Application is a definition of Application resource. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + operation: + description: Operation contains information about a requested or running + operation + properties: + info: + description: Info is a list of informational items for this operation + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + initiatedBy: + description: InitiatedBy contains information about who initiated + the operations + properties: + automated: + description: Automated is set to true if operation was initiated + automatically by the application controller. + type: boolean + username: + description: Username contains the name of a user who started + operation + type: string + type: object + retry: + description: Retry controls the strategy to apply if a sync fails + properties: + backoff: + description: Backoff controls how to backoff on subsequent retries + of failed syncs + properties: + duration: + description: Duration is the amount to back off. Default unit + is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration + after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed + for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts for retrying + a failed sync. If set to 0, no retries will be performed. + format: int64 + type: integer + refresh: + description: 'Refresh indicates if the latest revision should + be used on retry instead of the initial one (default: false)' + type: boolean + type: object + sync: + description: Sync contains parameters for the operation + properties: + autoHealAttemptsCount: + description: SelfHealAttemptsCount contains the number of auto-heal + attempts + format: int64 + type: integer + dryRun: + description: DryRun specifies to perform a `kubectl apply --dry-run` + without actually performing the sync + type: boolean + manifests: + description: Manifests is an optional field that overrides sync + source with a local directory for development + items: + type: string + type: array + prune: + description: Prune specifies to delete resources from the cluster + that are no longer tracked in git + type: boolean + resources: + description: Resources describes which resources shall be part + of the sync + items: + description: SyncOperationResource contains resources to sync. + properties: + group: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + type: array + revision: + description: |- + Revision is the revision (Git) or chart version (Helm) which to sync the application to + If omitted, will use the revision specified in app spec. + type: string + revisions: + description: |- + Revisions is the list of revision (Git) or chart version (Helm) which to sync each source in sources field for the application to + If omitted, will use the revision specified in app spec. + items: + type: string + type: array + source: + description: |- + Source overrides the source definition set in the application. + This is typically set in a Rollback operation and is nil during a Sync operation + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded from + being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included during + manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable to + be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to + be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + fileParameters: + description: FileParameters are file parameters to the + helm template + items: + description: HelmFileParameter is a file parameter that's + passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally by + not appending them to helm template --values + type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to template + with. If left empty, defaults to the app's destination + namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters which + are passed to the helm template command upon manifest + generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell + Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all domains + (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. + If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema validation + (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating + ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources for + Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force + applying common labels to resources for Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize + from failing when components do not exist locally by + not appending them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether to + apply common labels to resource templates or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to + apply common labels to resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + name: + description: Name is used to refer to a source and is displayed + in the UI. It is used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, usually + expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type + parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type + parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or + Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: |- + Sources overrides the source definition set in the application. + This is typically set in a Rollback operation and is nil during a Sync operation + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded from + being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included during + manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + fileParameters: + description: FileParameters are file parameters to the + helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally + by not appending them to helm template --values + type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to template + with. If left empty, defaults to the app's destination + namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to + tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to + use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema + validation (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize + from failing when components do not exist locally + by not appending them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether + to apply common labels to resource templates or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + name: + description: Name is used to refer to a source and is displayed + in the UI. It is used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type + parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or + Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array + syncOptions: + description: SyncOptions provide per-sync sync-options, e.g. Validate=false + items: + type: string + type: array + syncStrategy: + description: SyncStrategy describes how to perform the sync + properties: + apply: + description: Apply will perform a `kubectl apply` to perform + the sync. + properties: + force: + description: |- + Force indicates whether or not to supply the --force flag to `kubectl apply`. + The --force flag deletes and re-create the resource, when PATCH encounters conflict and has + retried for 5 times. + type: boolean + type: object + hook: + description: Hook will submit any referenced resources to + perform the sync. This is the default strategy + properties: + force: + description: |- + Force indicates whether or not to supply the --force flag to `kubectl apply`. + The --force flag deletes and re-create the resource, when PATCH encounters conflict and has + retried for 5 times. + type: boolean + type: object + type: object + type: object + type: object + spec: + description: ApplicationSpec represents desired application state. Contains + link to repository with application definition and additional parameters + link definition revision. + properties: + destination: + description: Destination is a reference to the target Kubernetes server + and namespace + properties: + name: + description: Name is an alternate way of specifying the target + cluster by its symbolic name. This must be set if Server is + not set. + type: string + namespace: + description: |- + Namespace specifies the target namespace for the application's resources. + The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the target cluster's + Kubernetes control plane API. This must be set if Name is not + set. + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list of resources and their fields + which should be ignored during comparison + items: + description: ResourceIgnoreDifferences contains resource filter + and list of json paths which should be ignored during comparison + with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + description: |- + ManagedFieldsManagers is a list of trusted managers. Fields mutated by those managers will take precedence over the + desired state defined in the SCM and won't be displayed in diffs + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information (URLs, email addresses, + and plain text) that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: |- + Project is a reference to the project this application belongs to. + The empty string means that application belongs to the 'default' project. + type: string + revisionHistoryLimit: + description: |- + RevisionHistoryLimit limits the number of items kept in the application's revision history, which is used for informational purposes as well as for rollbacks to previous versions. + This should only be changed in exceptional circumstances. + Setting to zero will store no history. This will reduce storage used. + Increasing will increase the space used to store the history, so we do not recommend increasing it. + Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location of the application's + manifests or chart + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match paths + against that should be explicitly excluded from being used + during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths + against that should be explicitly included during manifest + generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + fileParameters: + description: FileParameters are file parameters to the helm + template + items: + description: HelmFileParameter is a file parameter that's + passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally by not + appending them to helm template --values + type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to template + with. If left empty, defaults to the app's destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters which + are passed to the helm template command upon manifest generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell + Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all domains + (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. + If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation + step (Helm's --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema validation + (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation step + (Helm's --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed to + helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed + to helm template, defined as a map. This takes precedence + over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating + ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional annotations + to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to + apply env variables substitution for annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels to + add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize components + to add to the kustomization before building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force + applying common annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force + applying common labels to resources for Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize from + failing when components do not exist locally by not appending + them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether to apply + common labels to resource templates or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to apply + common labels to resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize adds + to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas override + specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize to + use for rendering manifests + type: string + type: object + name: + description: Name is used to refer to a source and is displayed + in the UI. It is used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, usually + expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) + that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + sourceHydrator: + description: SourceHydrator provides a way to push hydrated manifests + back to git before syncing them to the cluster. + properties: + drySource: + description: DrySource specifies where the dry "don't repeat yourself" + manifest source lives. + properties: + path: + description: Path is a directory path within the Git repository + where the manifests are located + type: string + repoURL: + description: RepoURL is the URL to the git repository that + contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the source + to hydrate + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + description: |- + HydrateTo specifies an optional "staging" location to push hydrated manifests to. An external system would then + have to move manifests to the SyncSource, e.g. by pull request. + properties: + targetBranch: + description: TargetBranch is the branch to which hydrated + manifests should be committed + type: string + required: + - targetBranch + type: object + syncSource: + description: SyncSource specifies where to sync hydrated manifests + from. + properties: + path: + description: |- + Path is a directory path within the git repository where hydrated manifests should be committed to and synced + from. The Path should never point to the root of the repo. If hydrateTo is set, this is just the path from which + hydrated manifests will be synced. + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + description: |- + TargetBranch is the branch from which hydrated manifests will be synced. + If HydrateTo is not set, this is also the branch to which hydrated manifests are committed. + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + description: Sources is a reference to the location of the application's + manifests or chart + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match paths + against that should be explicitly excluded from being + used during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths + against that should be explicitly included during manifest + generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + fileParameters: + description: FileParameters are file parameters to the helm + template + items: + description: HelmFileParameter is a file parameter that's + passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally by not + appending them to helm template --values + type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to template + with. If left empty, defaults to the app's destination + namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters which + are passed to the helm template command upon manifest + generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell + Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all domains + (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. + If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation + step (Helm's --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema validation + (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed to + helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed + to helm template, defined as a map. This takes precedence + over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating + ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional annotations + to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize components + to add to the kustomization before building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to + force applying common annotations to resources for Kustomize + apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force + applying common labels to resources for Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize + from failing when components do not exist locally by not + appending them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether to + apply common labels to resource templates or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to apply + common labels to resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas override + specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + name: + description: Name is used to refer to a source and is displayed + in the UI. It is used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, usually + expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type + parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) + that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + description: SyncPolicy controls when and how a sync will be performed + properties: + automated: + description: Automated will keep an application synced to the + target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have zero live resources + (default: false)' + type: boolean + enabled: + description: Enable allows apps to explicitly control automated + sync + type: boolean + prune: + description: 'Prune specifies whether to delete resources + from the cluster that are not found in the sources anymore + as part of automated sync (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal specifies whether to revert resources + back to their desired state upon modification in the cluster + (default: false)' + type: boolean + type: object + managedNamespaceMetadata: + description: ManagedNamespaceMetadata controls metadata in the + given namespace (if CreateNamespace=true) + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff controls how to backoff on subsequent + retries of failed syncs + properties: + duration: + description: Duration is the amount to back off. Default + unit is seconds, but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration + after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time + allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts for retrying + a failed sync. If set to 0, no retries will be performed. + format: int64 + type: integer + refresh: + description: 'Refresh indicates if the latest revision should + be used on retry instead of the initial one (default: false)' + type: boolean + type: object + syncOptions: + description: Options allow you to specify whole app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + status: + description: ApplicationStatus contains status information for the application + properties: + conditions: + description: Conditions is a list of currently observed application + conditions + items: + description: ApplicationCondition contains details about an application + condition, which is usually an error or warning + properties: + lastTransitionTime: + description: LastTransitionTime is the time the condition was + last observed + format: date-time + type: string + message: + description: Message contains human-readable message indicating + details about condition + type: string + type: + description: Type is an application condition type + type: string + required: + - message + - type + type: object + type: array + controllerNamespace: + description: ControllerNamespace indicates the namespace in which + the application controller is located + type: string + health: + description: Health contains information about the application's current + health status + properties: + lastTransitionTime: + description: LastTransitionTime is the time the HealthStatus was + set or updated + format: date-time + type: string + message: + description: |- + Message is a human-readable informational message describing the health status + + Deprecated: this field is not used and will be removed in a future release. + type: string + status: + description: Status holds the status code of the application + type: string + type: object + history: + description: History contains information about the application's + sync history + items: + description: RevisionHistory contains history information about + a previous sync + properties: + deployStartedAt: + description: DeployStartedAt holds the time the sync operation + started + format: date-time + type: string + deployedAt: + description: DeployedAt holds the time the sync operation completed + format: date-time + type: string + id: + description: ID is an auto incrementing identifier of the RevisionHistory + format: int64 + type: integer + initiatedBy: + description: InitiatedBy contains information about who initiated + the operations + properties: + automated: + description: Automated is set to true if operation was initiated + automatically by the application controller. + type: boolean + username: + description: Username contains the name of a user who started + operation + type: string + type: object + revision: + description: Revision holds the revision the sync was performed + against + type: string + revisions: + description: Revisions holds the revision of each source in + sources field the sync was performed against + items: + type: string + type: array + source: + description: Source is a reference to the application source + used for the sync operation + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded from + being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included during + manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + fileParameters: + description: FileParameters are file parameters to the + helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally + by not appending them to helm template --values + type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to template + with. If left empty, defaults to the app's destination + namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to + tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to + use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema + validation (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize + from failing when components do not exist locally + by not appending them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether + to apply common labels to resource templates or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + name: + description: Name is used to refer to a source and is displayed + in the UI. It is used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type + parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or + Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: Sources is a reference to the application sources + used for the sync operation + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded + from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included + during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + fileParameters: + description: FileParameters are file parameters to + the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template --values + type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to + template with. If left empty, defaults to the app's + destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema + validation (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize + from failing when components do not exist locally + by not appending them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether + to apply common labels to resource templates or + not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or + not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + name: + description: Name is used to refer to a source and is + displayed in the UI. It is used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying a + parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used with + a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array + required: + - deployedAt + - id + type: object + type: array + observedAt: + description: |- + ObservedAt indicates when the application state was updated without querying latest git state + Deprecated: controller no longer updates ObservedAt field + format: date-time + type: string + operationState: + description: OperationState contains information about any ongoing + operations, such as a sync + properties: + finishedAt: + description: FinishedAt contains time of operation completion + format: date-time + type: string + message: + description: Message holds any pertinent messages when attempting + to perform operation (typically errors). + type: string + operation: + description: Operation is the original requested operation + properties: + info: + description: Info is a list of informational items for this + operation + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + initiatedBy: + description: InitiatedBy contains information about who initiated + the operations + properties: + automated: + description: Automated is set to true if operation was + initiated automatically by the application controller. + type: boolean + username: + description: Username contains the name of a user who + started operation + type: string + type: object + retry: + description: Retry controls the strategy to apply if a sync + fails + properties: + backoff: + description: Backoff controls how to backoff on subsequent + retries of failed syncs + properties: + duration: + description: Duration is the amount to back off. Default + unit is seconds, but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base + duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of + time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts for + retrying a failed sync. If set to 0, no retries will + be performed. + format: int64 + type: integer + refresh: + description: 'Refresh indicates if the latest revision + should be used on retry instead of the initial one (default: + false)' + type: boolean + type: object + sync: + description: Sync contains parameters for the operation + properties: + autoHealAttemptsCount: + description: SelfHealAttemptsCount contains the number + of auto-heal attempts + format: int64 + type: integer + dryRun: + description: DryRun specifies to perform a `kubectl apply + --dry-run` without actually performing the sync + type: boolean + manifests: + description: Manifests is an optional field that overrides + sync source with a local directory for development + items: + type: string + type: array + prune: + description: Prune specifies to delete resources from + the cluster that are no longer tracked in git + type: boolean + resources: + description: Resources describes which resources shall + be part of the sync + items: + description: SyncOperationResource contains resources + to sync. + properties: + group: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + type: array + revision: + description: |- + Revision is the revision (Git) or chart version (Helm) which to sync the application to + If omitted, will use the revision specified in app spec. + type: string + revisions: + description: |- + Revisions is the list of revision (Git) or chart version (Helm) which to sync each source in sources field for the application to + If omitted, will use the revision specified in app spec. + items: + type: string + type: array + source: + description: |- + Source overrides the source definition set in the application. + This is typically set in a Rollback operation and is nil during a Sync operation + properties: + chart: + description: Chart is a Helm chart name, and must + be specified for applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern to + match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to + match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to + Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan + a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents + helm template from failing when valueFiles do + not exist locally by not appending them to helm + template --values + type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace + to template with. If left empty, defaults to + the app's destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and + numbers as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the + Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials + to all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema + validation (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be + passed to helm template, typically defined as + a block. ValuesObject takes precedence over + Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a + map. This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use + for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution + for annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before + building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources + for Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents + kustomize from failing when components do not + exist locally by not appending them to kustomization + file + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether + to apply common labels to resource templates + or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors + or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to + resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to + resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that + Kustomize adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of + Kustomize to use for rendering manifests + type: string + type: object + name: + description: Name is used to refer to a source and + is displayed in the UI. It is used in multi-source + Applications. + type: string + path: + description: Path is a directory path within the Git + repository, and is only valid for applications sourced + from Git. + type: string + plugin: + description: Plugin holds config management plugin + specific options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in + the application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used + with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: |- + Sources overrides the source definition set in the application. + This is typically set in a Rollback operation and is nil during a Sync operation + items: + description: ApplicationSource contains all required + information about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must + be specified for applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern + to match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern + to match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific + to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan + a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents + helm template from failing when valueFiles + do not exist locally by not appending them + to helm template --values + type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace + to template with. If left empty, defaults + to the app's destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter + that's passed to helm template during manifest + generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and + numbers as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the + Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials + to all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release + name to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource + definition installation step (Helm's --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON + schema validation (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to + be passed to helm template, typically defined + as a block. ValuesObject takes precedence + over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as + a map. This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to + use for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific + options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of + additional annotations to add to rendered + manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution + for annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + components: + description: Components specifies a list of + kustomize components to add to the kustomization + before building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources + for Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents + kustomize from failing when components do + not exist locally by not appending them to + kustomization file + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies + whether to apply common labels to resource + templates or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies + whether to apply common labels to resource + selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended + to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended + to resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that + Kustomize adds to all resources + type: string + patches: + description: Patches is a list of Kustomize + patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize + Replicas override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version + of Kustomize to use for rendering manifests + type: string + type: object + name: + description: Name is used to refer to a source and + is displayed in the UI. It is used in multi-source + Applications. + type: string + path: + description: Path is a directory path within the + Git repository, and is only valid for applications + sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin + specific options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry + in the application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the + variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an + array type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map + type parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a + string type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source + within sources field. This field will not be used + if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array + syncOptions: + description: SyncOptions provide per-sync sync-options, + e.g. Validate=false + items: + type: string + type: array + syncStrategy: + description: SyncStrategy describes how to perform the + sync + properties: + apply: + description: Apply will perform a `kubectl apply` + to perform the sync. + properties: + force: + description: |- + Force indicates whether or not to supply the --force flag to `kubectl apply`. + The --force flag deletes and re-create the resource, when PATCH encounters conflict and has + retried for 5 times. + type: boolean + type: object + hook: + description: Hook will submit any referenced resources + to perform the sync. This is the default strategy + properties: + force: + description: |- + Force indicates whether or not to supply the --force flag to `kubectl apply`. + The --force flag deletes and re-create the resource, when PATCH encounters conflict and has + retried for 5 times. + type: boolean + type: object + type: object + type: object + type: object + phase: + description: Phase is the current phase of the operation + type: string + retryCount: + description: RetryCount contains time of operation retries + format: int64 + type: integer + startedAt: + description: StartedAt contains time of operation start + format: date-time + type: string + syncResult: + description: SyncResult is the result of a Sync operation + properties: + managedNamespaceMetadata: + description: ManagedNamespaceMetadata contains the current + sync state of managed namespace metadata + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + resources: + description: Resources contains a list of sync result items + for each individual resource in a sync operation + items: + description: ResourceResult holds the operation result details + of a specific resource + properties: + group: + description: Group specifies the API group of the resource + type: string + hookPhase: + description: |- + HookPhase contains the state of any operation associated with this resource OR hook + This can also contain values for non-hook resources. + type: string + hookType: + description: HookType specifies the type of the hook. + Empty for non-hook resources + type: string + images: + description: Images contains the images related to the + ResourceResult + items: + type: string + type: array + kind: + description: Kind specifies the API kind of the resource + type: string + message: + description: Message contains an informational or error + message for the last sync OR operation + type: string + name: + description: Name specifies the name of the resource + type: string + namespace: + description: Namespace specifies the target namespace + of the resource + type: string + status: + description: Status holds the final result of the sync. + Will be empty if the resources is yet to be applied/pruned + and is always zero-value for hooks + type: string + syncPhase: + description: SyncPhase indicates the particular phase + of the sync that this result was acquired in + type: string + version: + description: Version specifies the API version of the + resource + type: string + required: + - group + - kind + - name + - namespace + - version + type: object + type: array + revision: + description: Revision holds the revision this sync operation + was performed to + type: string + revisions: + description: Revisions holds the revision this sync operation + was performed for respective indexed source in sources field + items: + type: string + type: array + source: + description: Source records the application source information + of the sync, used for comparing auto-sync + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded + from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included + during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + fileParameters: + description: FileParameters are file parameters to + the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template --values + type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to + template with. If left empty, defaults to the app's + destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema + validation (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize + from failing when components do not exist locally + by not appending them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether + to apply common labels to resource templates or + not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or + not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + name: + description: Name is used to refer to a source and is + displayed in the UI. It is used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying a + parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used with + a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: Source records the application source information + of the sync, used for comparing auto-sync + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be + specified for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern to + match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to + match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a + directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template + --values + type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace + to template with. If left empty, defaults to the + app's destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to + all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema + validation (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be + passed to helm template, typically defined as + a block. ValuesObject takes precedence over Values, + so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a map. + This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use + for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution for + annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before + building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources for + Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize + from failing when components do not exist locally + by not appending them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether + to apply common labels to resource templates or + not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or + not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to + resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to + resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + name: + description: Name is used to refer to a source and is + displayed in the UI. It is used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git + repository, and is only valid for applications sourced + from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used + with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array + required: + - revision + type: object + required: + - operation + - phase + - startedAt + type: object + reconciledAt: + description: ReconciledAt indicates when the application state was + reconciled using the latest git version + format: date-time + type: string + resourceHealthSource: + description: 'ResourceHealthSource indicates where the resource health + status is stored: inline if not set or appTree' + type: string + resources: + description: Resources is a list of Kubernetes resources managed by + this application + items: + description: ResourceStatus holds the current synchronization and + health status of a Kubernetes resource. + properties: + group: + description: Group represents the API group of the resource + (e.g., "apps" for Deployments). + type: string + health: + description: Health indicates the health status of the resource + (e.g., Healthy, Degraded, Progressing). + properties: + lastTransitionTime: + description: |- + LastTransitionTime is the time the HealthStatus was set or updated + + Deprecated: this field is not used and will be removed in a future release. + format: date-time + type: string + message: + description: Message is a human-readable informational message + describing the health status + type: string + status: + description: Status holds the status code of the resource + type: string + type: object + hook: + description: Hook is true if the resource is used as a lifecycle + hook in an Argo CD application. + type: boolean + kind: + description: Kind specifies the type of the resource (e.g., + "Deployment", "Service"). + type: string + name: + description: Name is the unique name of the resource within + the namespace. + type: string + namespace: + description: Namespace defines the Kubernetes namespace where + the resource is located. + type: string + requiresDeletionConfirmation: + description: RequiresDeletionConfirmation is true if the resource + requires explicit user confirmation before deletion. + type: boolean + requiresPruning: + description: RequiresPruning is true if the resource needs to + be pruned (deleted) as part of synchronization. + type: boolean + status: + description: Status represents the synchronization state of + the resource (e.g., Synced, OutOfSync). + type: string + syncWave: + description: |- + SyncWave determines the order in which resources are applied during a sync operation. + Lower values are applied first. + format: int64 + type: integer + version: + description: Version indicates the API version of the resource + (e.g., "v1", "v1beta1"). + type: string + type: object + type: array + sourceHydrator: + description: SourceHydrator stores information about the current state + of source hydration + properties: + currentOperation: + description: CurrentOperation holds the status of the hydrate + operation + properties: + drySHA: + description: DrySHA holds the resolved revision (sha) of the + dry source as of the most recent reconciliation + type: string + finishedAt: + description: FinishedAt indicates when the hydrate operation + finished + format: date-time + type: string + hydratedSHA: + description: HydratedSHA holds the resolved revision (sha) + of the hydrated source as of the most recent reconciliation + type: string + message: + description: Message contains a message describing the current + status of the hydrate operation + type: string + phase: + description: Phase indicates the status of the hydrate operation + enum: + - Hydrating + - Failed + - Hydrated + type: string + sourceHydrator: + description: SourceHydrator holds the hydrator config used + for the hydrate operation + properties: + drySource: + description: DrySource specifies where the dry "don't + repeat yourself" manifest source lives. + properties: + path: + description: Path is a directory path within the Git + repository where the manifests are located + type: string + repoURL: + description: RepoURL is the URL to the git repository + that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of + the source to hydrate + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + description: |- + HydrateTo specifies an optional "staging" location to push hydrated manifests to. An external system would then + have to move manifests to the SyncSource, e.g. by pull request. + properties: + targetBranch: + description: TargetBranch is the branch to which hydrated + manifests should be committed + type: string + required: + - targetBranch + type: object + syncSource: + description: SyncSource specifies where to sync hydrated + manifests from. + properties: + path: + description: |- + Path is a directory path within the git repository where hydrated manifests should be committed to and synced + from. The Path should never point to the root of the repo. If hydrateTo is set, this is just the path from which + hydrated manifests will be synced. + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + description: |- + TargetBranch is the branch from which hydrated manifests will be synced. + If HydrateTo is not set, this is also the branch to which hydrated manifests are committed. + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + startedAt: + description: StartedAt indicates when the hydrate operation + started + format: date-time + type: string + required: + - message + - phase + type: object + lastSuccessfulOperation: + description: LastSuccessfulOperation holds info about the most + recent successful hydration + properties: + drySHA: + description: DrySHA holds the resolved revision (sha) of the + dry source as of the most recent reconciliation + type: string + hydratedSHA: + description: HydratedSHA holds the resolved revision (sha) + of the hydrated source as of the most recent reconciliation + type: string + sourceHydrator: + description: SourceHydrator holds the hydrator config used + for the hydrate operation + properties: + drySource: + description: DrySource specifies where the dry "don't + repeat yourself" manifest source lives. + properties: + path: + description: Path is a directory path within the Git + repository where the manifests are located + type: string + repoURL: + description: RepoURL is the URL to the git repository + that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of + the source to hydrate + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + description: |- + HydrateTo specifies an optional "staging" location to push hydrated manifests to. An external system would then + have to move manifests to the SyncSource, e.g. by pull request. + properties: + targetBranch: + description: TargetBranch is the branch to which hydrated + manifests should be committed + type: string + required: + - targetBranch + type: object + syncSource: + description: SyncSource specifies where to sync hydrated + manifests from. + properties: + path: + description: |- + Path is a directory path within the git repository where hydrated manifests should be committed to and synced + from. The Path should never point to the root of the repo. If hydrateTo is set, this is just the path from which + hydrated manifests will be synced. + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + description: |- + TargetBranch is the branch from which hydrated manifests will be synced. + If HydrateTo is not set, this is also the branch to which hydrated manifests are committed. + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + type: object + type: object + sourceType: + description: SourceType specifies the type of this application + type: string + sourceTypes: + description: SourceTypes specifies the type of the sources included + in the application + items: + description: ApplicationSourceType specifies the type of the application's + source + type: string + type: array + summary: + description: Summary contains a list of URLs and container images + used by this application + properties: + externalURLs: + description: ExternalURLs holds all external URLs of application + child resources. + items: + type: string + type: array + images: + description: Images holds all images of application child resources. + items: + type: string + type: array + type: object + sync: + description: Sync contains information about the application's current + sync status + properties: + comparedTo: + description: ComparedTo contains information about what has been + compared + properties: + destination: + description: Destination is a reference to the application's + destination used for comparison + properties: + name: + description: Name is an alternate way of specifying the + target cluster by its symbolic name. This must be set + if Server is not set. + type: string + namespace: + description: |- + Namespace specifies the target namespace for the application's resources. + The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the target cluster's + Kubernetes control plane API. This must be set if Name + is not set. + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a reference to the application's + ignored differences used for comparison + items: + description: ResourceIgnoreDifferences contains resource + filter and list of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + description: |- + ManagedFieldsManagers is a list of trusted managers. Fields mutated by those managers will take precedence over the + desired state defined in the SCM and won't be displayed in diffs + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + source: + description: Source is a reference to the application's source + used for comparison + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded + from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included + during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + fileParameters: + description: FileParameters are file parameters to + the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template --values + type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to + template with. If left empty, defaults to the app's + destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema + validation (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize + from failing when components do not exist locally + by not appending them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether + to apply common labels to resource templates or + not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or + not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + name: + description: Name is used to refer to a source and is + displayed in the UI. It is used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying a + parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used with + a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: Sources is a reference to the application's multiple + sources used for comparison + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be + specified for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern to + match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to + match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a + directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template + --values + type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace + to template with. If left empty, defaults to the + app's destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to + all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema + validation (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be + passed to helm template, typically defined as + a block. ValuesObject takes precedence over Values, + so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a map. + This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use + for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution for + annotation values + type: boolean + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before + building + items: + type: string + type: array + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources for + Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize + from failing when components do not exist locally + by not appending them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether + to apply common labels to resource templates or + not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or + not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to + resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to + resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + name: + description: Name is used to refer to a source and is + displayed in the UI. It is used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git + repository, and is only valid for applications sourced + from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used + with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array + required: + - destination + type: object + revision: + description: Revision contains information about the revision + the comparison has been performed to + type: string + revisions: + description: Revisions contains information about the revisions + of multiple sources the comparison has been performed to + items: + type: string + type: array + status: + description: Status is the sync state of the comparison + type: string + required: + - status + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: {} +--- +# Source: argocd/charts/argo-cd/templates/crds/crd-applicationset.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + labels: + app.kubernetes.io/name: applicationsets.argoproj.io + app.kubernetes.io/part-of: argocd + name: applicationsets.argoproj.io +spec: + group: argoproj.io + names: + kind: ApplicationSet + listKind: ApplicationSetList + plural: applicationsets + shortNames: + - appset + - appsets + singular: applicationset + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + applyNestedSelectors: + type: boolean + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + clusters: + properties: + flatList: + type: boolean + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + pathParamPrefix: + type: string + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + elementsYaml: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + matrix: + properties: + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + clusters: + properties: + flatList: + type: boolean + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + pathParamPrefix: + type: string + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + elementsYaml: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + matrix: + x-kubernetes-preserve-unknown-fields: true + merge: + x-kubernetes-preserve-unknown-fields: true + plugin: + properties: + configMapRef: + properties: + name: + type: string + required: + - name + type: object + input: + properties: + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + pullRequest: + properties: + azuredevops: + properties: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + - project + - repo + type: object + bitbucket: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + owner: + type: string + repo: + type: string + required: + - owner + - repo + type: object + bitbucketServer: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object + insecure: + type: boolean + project: + type: string + repo: + type: string + required: + - api + - project + - repo + type: object + continueOnRepoNotFoundError: + type: boolean + filters: + items: + properties: + branchMatch: + type: string + targetBranchMatch: + type: string + titleMatch: + type: string + type: object + type: array + gitea: + properties: + api: + type: string + insecure: + type: boolean + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + - repo + type: object + github: + properties: + api: + type: string + appSecretName: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + gitlab: + properties: + api: + type: string + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object + insecure: + type: boolean + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - project + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + scmProvider: + properties: + awsCodeCommit: + properties: + allBranches: + type: boolean + region: + type: string + role: + type: string + tagFilters: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: + type: string + organization: + type: string + teamProject: + type: string + required: + - accessTokenRef + - organization + - teamProject + type: object + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: + type: string + user: + type: string + required: + - appPasswordRef + - owner + - user + type: object + bitbucketServer: + properties: + allBranches: + type: boolean + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object + insecure: + type: boolean + project: + type: string + required: + - api + - project + type: object + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsDoNotExist: + items: + type: string + type: array + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + gitea: + properties: + allBranches: + type: boolean + api: + type: string + insecure: + type: boolean + owner: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + type: object + github: + properties: + allBranches: + type: boolean + api: + type: string + appSecretName: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object + group: + type: string + includeSharedProjects: + type: boolean + includeSubgroups: + type: boolean + insecure: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + topic: + type: string + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + type: object + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + type: object + merge: + properties: + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + clusters: + properties: + flatList: + type: boolean + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + pathParamPrefix: + type: string + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + elementsYaml: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + matrix: + x-kubernetes-preserve-unknown-fields: true + merge: + x-kubernetes-preserve-unknown-fields: true + plugin: + properties: + configMapRef: + properties: + name: + type: string + required: + - name + type: object + input: + properties: + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + pullRequest: + properties: + azuredevops: + properties: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + - project + - repo + type: object + bitbucket: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + owner: + type: string + repo: + type: string + required: + - owner + - repo + type: object + bitbucketServer: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object + insecure: + type: boolean + project: + type: string + repo: + type: string + required: + - api + - project + - repo + type: object + continueOnRepoNotFoundError: + type: boolean + filters: + items: + properties: + branchMatch: + type: string + targetBranchMatch: + type: string + titleMatch: + type: string + type: object + type: array + gitea: + properties: + api: + type: string + insecure: + type: boolean + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + - repo + type: object + github: + properties: + api: + type: string + appSecretName: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + gitlab: + properties: + api: + type: string + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object + insecure: + type: boolean + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - project + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + scmProvider: + properties: + awsCodeCommit: + properties: + allBranches: + type: boolean + region: + type: string + role: + type: string + tagFilters: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: + type: string + organization: + type: string + teamProject: + type: string + required: + - accessTokenRef + - organization + - teamProject + type: object + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: + type: string + user: + type: string + required: + - appPasswordRef + - owner + - user + type: object + bitbucketServer: + properties: + allBranches: + type: boolean + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object + insecure: + type: boolean + project: + type: string + required: + - api + - project + type: object + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsDoNotExist: + items: + type: string + type: array + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + gitea: + properties: + allBranches: + type: boolean + api: + type: string + insecure: + type: boolean + owner: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + type: object + github: + properties: + allBranches: + type: boolean + api: + type: string + appSecretName: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object + group: + type: string + includeSharedProjects: + type: boolean + includeSubgroups: + type: boolean + insecure: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + topic: + type: string + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + type: object + type: array + mergeKeys: + items: + type: string + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + - mergeKeys + type: object + plugin: + properties: + configMapRef: + properties: + name: + type: string + required: + - name + type: object + input: + properties: + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + pullRequest: + properties: + azuredevops: + properties: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + - project + - repo + type: object + bitbucket: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + owner: + type: string + repo: + type: string + required: + - owner + - repo + type: object + bitbucketServer: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object + insecure: + type: boolean + project: + type: string + repo: + type: string + required: + - api + - project + - repo + type: object + continueOnRepoNotFoundError: + type: boolean + filters: + items: + properties: + branchMatch: + type: string + targetBranchMatch: + type: string + titleMatch: + type: string + type: object + type: array + gitea: + properties: + api: + type: string + insecure: + type: boolean + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + - repo + type: object + github: + properties: + api: + type: string + appSecretName: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + gitlab: + properties: + api: + type: string + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object + insecure: + type: boolean + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - project + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + scmProvider: + properties: + awsCodeCommit: + properties: + allBranches: + type: boolean + region: + type: string + role: + type: string + tagFilters: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: + type: string + organization: + type: string + teamProject: + type: string + required: + - accessTokenRef + - organization + - teamProject + type: object + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: + type: string + user: + type: string + required: + - appPasswordRef + - owner + - user + type: object + bitbucketServer: + properties: + allBranches: + type: boolean + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object + insecure: + type: boolean + project: + type: string + required: + - api + - project + type: object + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsDoNotExist: + items: + type: string + type: array + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + gitea: + properties: + allBranches: + type: boolean + api: + type: string + insecure: + type: boolean + owner: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + type: object + github: + properties: + allBranches: + type: boolean + api: + type: string + appSecretName: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object + group: + type: string + includeSharedProjects: + type: boolean + includeSubgroups: + type: boolean + insecure: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + topic: + type: string + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + type: object + type: array + goTemplate: + type: boolean + goTemplateOptions: + items: + type: string + type: array + ignoreApplicationDifferences: + items: + properties: + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + name: + type: string + type: object + type: array + preservedFields: + properties: + annotations: + items: + type: string + type: array + labels: + items: + type: string + type: array + type: object + strategy: + properties: + deletionOrder: + type: string + rollingSync: + properties: + steps: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + maxUpdate: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + type: object + type: array + type: object + type: + type: string + type: object + syncPolicy: + properties: + applicationsSync: + enum: + - create-only + - create-update + - create-delete + - sync + type: string + preserveResourcesOnDeletion: + type: boolean + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + minLength: 1 + pattern: ^.{2,}|[^./]$ + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + apiVersions: + items: + type: string + type: array + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + kubeVersion: + type: string + namespace: + type: string + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + apiVersions: + items: + type: string + type: array + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + ignoreMissingComponents: + type: boolean + images: + items: + type: string + type: array + kubeVersion: + type: string + labelIncludeTemplates: + type: boolean + labelWithoutSelector: + type: boolean + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + name: + type: string + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + enabled: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + refresh: + type: boolean + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + templatePatch: + type: string + required: + - generators + - template + type: object + status: + properties: + applicationStatus: + items: + properties: + application: + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + status: + type: string + step: + type: string + targetRevisions: + items: + type: string + type: array + required: + - application + - message + - status + - step + - targetRevisions + type: object + type: array + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - message + - reason + - status + - type + type: object + type: array + resources: + items: + properties: + group: + type: string + health: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + status: + type: string + type: object + hook: + type: boolean + kind: + type: string + name: + type: string + namespace: + type: string + requiresDeletionConfirmation: + type: boolean + requiresPruning: + type: boolean + status: + type: string + syncWave: + format: int64 + type: integer + version: + type: string + type: object + type: array + resourcesCount: + format: int64 + type: integer + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: argocd/charts/argo-cd/templates/crds/crd-project.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + labels: + app.kubernetes.io/name: appprojects.argoproj.io + app.kubernetes.io/part-of: argocd + name: appprojects.argoproj.io +spec: + group: argoproj.io + names: + kind: AppProject + listKind: AppProjectList + plural: appprojects + shortNames: + - appproj + - appprojs + singular: appproject + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: |- + AppProject provides a logical grouping of applications, providing controls for: + * where the apps may deploy to (cluster whitelist) + * what may be deployed (repository whitelist, resource whitelist/blacklist) + * who can access these applications (roles, OIDC group claims bindings) + * and what they can do (RBAC policies) + * automation access to these roles (JWT tokens) + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: AppProjectSpec is the specification of an AppProject + properties: + clusterResourceBlacklist: + description: ClusterResourceBlacklist contains list of blacklisted + cluster level resources + items: + description: |- + GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying + concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + clusterResourceWhitelist: + description: ClusterResourceWhitelist contains list of whitelisted + cluster level resources + items: + description: |- + GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying + concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + description: + description: Description contains optional project description + maxLength: 255 + type: string + destinationServiceAccounts: + description: DestinationServiceAccounts holds information about the + service accounts to be impersonated for the application sync operation + for each destination. + items: + description: ApplicationDestinationServiceAccount holds information + about the service account to be impersonated for the application + sync operation. + properties: + defaultServiceAccount: + description: DefaultServiceAccount to be used for impersonation + during the sync operation + type: string + namespace: + description: Namespace specifies the target namespace for the + application's resources. + type: string + server: + description: Server specifies the URL of the target cluster's + Kubernetes control plane API. + type: string + required: + - defaultServiceAccount + - server + type: object + type: array + destinations: + description: Destinations contains list of destinations available + for deployment + items: + description: ApplicationDestination holds information about the + application's destination + properties: + name: + description: Name is an alternate way of specifying the target + cluster by its symbolic name. This must be set if Server is + not set. + type: string + namespace: + description: |- + Namespace specifies the target namespace for the application's resources. + The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the target cluster's + Kubernetes control plane API. This must be set if Name is + not set. + type: string + type: object + type: array + namespaceResourceBlacklist: + description: NamespaceResourceBlacklist contains list of blacklisted + namespace level resources + items: + description: |- + GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying + concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + namespaceResourceWhitelist: + description: NamespaceResourceWhitelist contains list of whitelisted + namespace level resources + items: + description: |- + GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying + concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + orphanedResources: + description: OrphanedResources specifies if controller should monitor + orphaned resources of apps in this project + properties: + ignore: + description: Ignore contains a list of resources that are to be + excluded from orphaned resources monitoring + items: + description: OrphanedResourceKey is a reference to a resource + to be ignored from + properties: + group: + type: string + kind: + type: string + name: + type: string + type: object + type: array + warn: + description: Warn indicates if warning condition should be created + for apps which have orphaned resources + type: boolean + type: object + permitOnlyProjectScopedClusters: + description: PermitOnlyProjectScopedClusters determines whether destinations + can only reference clusters which are project-scoped + type: boolean + roles: + description: Roles are user defined RBAC roles associated with this + project + items: + description: ProjectRole represents a role that has access to a + project + properties: + description: + description: Description is a description of the role + type: string + groups: + description: Groups are a list of OIDC group claims bound to + this role + items: + type: string + type: array + jwtTokens: + description: JWTTokens are a list of generated JWT tokens bound + to this role + items: + description: JWTToken holds the issuedAt and expiresAt values + of a token + properties: + exp: + format: int64 + type: integer + iat: + format: int64 + type: integer + id: + type: string + required: + - iat + type: object + type: array + name: + description: Name is a name for this role + type: string + policies: + description: Policies Stores a list of casbin formatted strings + that define access policies for the role in the project + items: + type: string + type: array + required: + - name + type: object + type: array + signatureKeys: + description: SignatureKeys contains a list of PGP key IDs that commits + in Git must be signed with in order to be allowed for sync + items: + description: SignatureKey is the specification of a key required + to verify commit signatures with + properties: + keyID: + description: The ID of the key in hexadecimal notation + type: string + required: + - keyID + type: object + type: array + sourceNamespaces: + description: SourceNamespaces defines the namespaces application resources + are allowed to be created in + items: + type: string + type: array + sourceRepos: + description: SourceRepos contains list of repository URLs which can + be used for deployment + items: + type: string + type: array + syncWindows: + description: SyncWindows controls when syncs can be run for apps in + this project + items: + description: SyncWindow contains the kind, time, duration and attributes + that are used to assign the syncWindows to apps + properties: + andOperator: + description: UseAndOperator use AND operator for matching applications, + namespaces and clusters instead of the default OR operator + type: boolean + applications: + description: Applications contains a list of applications that + the window will apply to + items: + type: string + type: array + clusters: + description: Clusters contains a list of clusters that the window + will apply to + items: + type: string + type: array + description: + description: Description of the sync that will be applied to + the schedule, can be used to add any information such as a + ticket number for example + type: string + duration: + description: Duration is the amount of time the sync window + will be open + type: string + kind: + description: Kind defines if the window allows or blocks syncs + type: string + manualSync: + description: ManualSync enables manual syncs when they would + otherwise be blocked + type: boolean + namespaces: + description: Namespaces contains a list of namespaces that the + window will apply to + items: + type: string + type: array + schedule: + description: Schedule is the time the window will begin, specified + in cron format + type: string + timeZone: + description: TimeZone of the sync that will be applied to the + schedule + type: string + type: object + type: array + type: object + status: + description: AppProjectStatus contains status information for AppProject + CRs + properties: + jwtTokensByRole: + additionalProperties: + description: JWTTokens represents a list of JWT tokens + properties: + items: + items: + description: JWTToken holds the issuedAt and expiresAt values + of a token + properties: + exp: + format: int64 + type: integer + iat: + format: int64 + type: integer + id: + type: string + required: + - iat + type: object + type: array + type: object + description: JWTTokensByRole contains a list of JWT tokens issued + for a given role + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +--- +# Source: argocd/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argocd-application-controller + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-application-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: application-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +rules: + - apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' + - nonResourceURLs: + - '*' + verbs: + - '*' +--- +# Source: argocd/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argocd-notifications-controller + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: notifications-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +rules: + - apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - get + - list + - watch + - update + - patch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - list + - watch + - apiGroups: + - "" + resourceNames: + - argocd-notifications-cm + resources: + - configmaps + verbs: + - get + - apiGroups: + - "" + resourceNames: + - argocd-notifications-secret + resources: + - secrets + verbs: + - get +--- +# Source: argocd/charts/argo-cd/templates/argocd-server/clusterrole.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argocd-server + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +rules: + - apiGroups: + - '*' + resources: + - '*' + verbs: + - delete # supports deletion a live object in UI + - get # supports viewing live object manifest in UI + - patch # supports `argocd app patch` + - apiGroups: + - "" + resources: + - events + verbs: + - list # supports listing events in UI + - create + - apiGroups: + - "" + resources: + - pods + - pods/log + verbs: + - get # supports viewing pod logs from UI + - apiGroups: + - argoproj.io + resources: + - applications + - applicationsets + verbs: + - get + - list + - update + - watch + - apiGroups: + - batch + resources: + + - jobs + verbs: + - create + - apiGroups: + - argoproj.io + resources: + - workflows + verbs: + + - create +--- +# Source: argocd/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: argocd-application-controller + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-application-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: application-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: argocd-application-controller +subjects: +- kind: ServiceAccount + name: argocd-application-controller + namespace: argocd +--- +# Source: argocd/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: argocd-notifications-controller + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: notifications-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: argocd-notifications-controller +subjects: +- kind: ServiceAccount + name: argocd-notifications-controller + namespace: argocd +--- +# Source: argocd/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: argocd-server + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: argocd-server +subjects: +- kind: ServiceAccount + name: argocd-server + namespace: argocd +--- +# Source: argocd/charts/argo-cd/charts/redis-ha/templates/redis-ha-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: argocd-redis-ha + namespace: "argocd" + labels: + app: redis-ha + heritage: "Helm" + release: "argocd" + chart: redis-ha-4.34.11 +rules: +- apiGroups: + - "" + resources: + - endpoints + verbs: + - get +--- +# Source: argocd/charts/argo-cd/charts/redis-ha/templates/redis-haproxy-role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: argocd-redis-ha-haproxy + namespace: "argocd" + labels: + app: redis-ha + heritage: "Helm" + release: "argocd" + chart: redis-ha-4.34.11 + component: haproxy +rules: +- apiGroups: + - "" + resources: + - endpoints + verbs: + - get +--- +# Source: argocd/charts/argo-cd/templates/argocd-application-controller/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: argocd-application-controller + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-application-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: application-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +rules: +- apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - get + - list + - watch +- apiGroups: + - argoproj.io + resources: + - applications + - applicationsets + - appprojects + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - list +- apiGroups: + - apps + resources: + - deployments + verbs: + - get + - list + - watch +--- +# Source: argocd/charts/argo-cd/templates/argocd-applicationset/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: argocd-applicationset-controller + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-applicationset-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: applicationset-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +rules: + - apiGroups: + - argoproj.io + resources: + - applications + - applicationsets + - applicationsets/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - argoproj.io + resources: + - applicationsets/status + verbs: + - get + - patch + - update + - apiGroups: + - argoproj.io + resources: + - appprojects + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - update + - delete + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - deployments + verbs: + - get + - list + - watch + # argocd-applicationset-controller leader election rules + # Create with resourceNames fails, so use a separate rule for the lease creation + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - apiGroups: + - coordination.k8s.io + resources: + - leases + resourceNames: + # Defined in `cmd/argocd-applicationset-controller/commands/applicationset_controller.go` + - 58ac56fa.applicationsets.argoproj.io + verbs: + - get + - update + - create +--- +# Source: argocd/charts/argo-cd/templates/argocd-notifications/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: argocd-notifications-controller + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: notifications-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +rules: +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - get + - list + - watch + - update + - patch +- apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - list + - watch +- apiGroups: + - "" + resourceNames: + - argocd-notifications-cm + resources: + - configmaps + verbs: + - get +- apiGroups: + - "" + resourceNames: + - argocd-notifications-secret + resources: + - secrets + verbs: + - get +--- +# Source: argocd/charts/argo-cd/templates/argocd-repo-server/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: argocd-repo-server + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: repo-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +rules: +--- +# Source: argocd/charts/argo-cd/templates/argocd-server/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: argocd-server + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +rules: +- apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +- apiGroups: + - argoproj.io + resources: + - applications + - applicationsets + - appprojects + verbs: + - create + - get + - list + - watch + - update + - delete + - patch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - list +--- +# Source: argocd/charts/argo-cd/templates/dex/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: argocd-dex-server + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-dex-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: dex-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +rules: +- apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - get + - list + - watch +--- +# Source: argocd/charts/argo-cd/charts/redis-ha/templates/redis-ha-rolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argocd-redis-ha + namespace: "argocd" + labels: + app: redis-ha + heritage: "Helm" + release: "argocd" + chart: redis-ha-4.34.11 +subjects: +- kind: ServiceAccount + name: argocd-redis-ha +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-redis-ha +--- +# Source: argocd/charts/argo-cd/charts/redis-ha/templates/redis-haproxy-rolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argocd-redis-ha-haproxy + namespace: "argocd" + labels: + app: redis-ha + heritage: "Helm" + release: "argocd" + chart: redis-ha-4.34.11 + component: haproxy +subjects: +- kind: ServiceAccount + name: argocd-redis-ha-haproxy +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-redis-ha-haproxy +--- +# Source: argocd/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argocd-application-controller + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-application-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: application-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-application-controller +subjects: + - kind: ServiceAccount + name: argocd-application-controller + namespace: argocd +--- +# Source: argocd/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argocd-applicationset-controller + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-applicationset-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: applicationset-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-applicationset-controller +subjects: + - kind: ServiceAccount + name: argocd-applicationset-controller + namespace: argocd +--- +# Source: argocd/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argocd-notifications-controller + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: notifications-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-notifications-controller +subjects: + - kind: ServiceAccount + name: argocd-notifications-controller + namespace: argocd +--- +# Source: argocd/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argocd-repo-server + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: repo-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-repo-server +subjects: +- kind: ServiceAccount + name: argocd-repo-server + namespace: argocd +--- +# Source: argocd/charts/argo-cd/templates/argocd-server/rolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argocd-server + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-server +subjects: +- kind: ServiceAccount + name: argocd-server + namespace: argocd +--- +# Source: argocd/charts/argo-cd/templates/dex/rolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argocd-dex-server + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-dex-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: dex-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-dex-server +subjects: +- kind: ServiceAccount + name: argocd-dex-server + namespace: argocd +--- +# Source: argocd/charts/argo-cd/charts/redis-ha/templates/redis-ha-announce-service.yaml +apiVersion: v1 +kind: Service +metadata: + name: argocd-redis-ha-announce-0 + namespace: "argocd" + labels: + app: redis-ha + heritage: "Helm" + release: "argocd" + chart: redis-ha-4.34.11 + annotations: +spec: + publishNotReadyAddresses: true + type: ClusterIP + ports: + - name: tcp-server + port: 6379 + protocol: TCP + targetPort: redis + - name: tcp-sentinel + port: 26379 + protocol: TCP + targetPort: sentinel + selector: + release: argocd + app: redis-ha + "statefulset.kubernetes.io/pod-name": argocd-redis-ha-server-0 +--- +# Source: argocd/charts/argo-cd/charts/redis-ha/templates/redis-ha-announce-service.yaml +apiVersion: v1 +kind: Service +metadata: + name: argocd-redis-ha-announce-1 + namespace: "argocd" + labels: + app: redis-ha + heritage: "Helm" + release: "argocd" + chart: redis-ha-4.34.11 + annotations: +spec: + publishNotReadyAddresses: true + type: ClusterIP + ports: + - name: tcp-server + port: 6379 + protocol: TCP + targetPort: redis + - name: tcp-sentinel + port: 26379 + protocol: TCP + targetPort: sentinel + selector: + release: argocd + app: redis-ha + "statefulset.kubernetes.io/pod-name": argocd-redis-ha-server-1 +--- +# Source: argocd/charts/argo-cd/charts/redis-ha/templates/redis-ha-announce-service.yaml +apiVersion: v1 +kind: Service +metadata: + name: argocd-redis-ha-announce-2 + namespace: "argocd" + labels: + app: redis-ha + heritage: "Helm" + release: "argocd" + chart: redis-ha-4.34.11 + annotations: +spec: + publishNotReadyAddresses: true + type: ClusterIP + ports: + - name: tcp-server + port: 6379 + protocol: TCP + targetPort: redis + - name: tcp-sentinel + port: 26379 + protocol: TCP + targetPort: sentinel + selector: + release: argocd + app: redis-ha + "statefulset.kubernetes.io/pod-name": argocd-redis-ha-server-2 +--- +# Source: argocd/charts/argo-cd/charts/redis-ha/templates/redis-ha-service.yaml +apiVersion: v1 +kind: Service +metadata: + name: argocd-redis-ha + namespace: "argocd" + labels: + app: redis-ha + heritage: "Helm" + release: "argocd" + chart: redis-ha-4.34.11 + annotations: +spec: + type: ClusterIP + clusterIP: None + ports: + - name: tcp-server + port: 6379 + protocol: TCP + targetPort: redis + - name: tcp-sentinel + port: 26379 + protocol: TCP + targetPort: sentinel + selector: + release: argocd + app: redis-ha +--- +# Source: argocd/charts/argo-cd/charts/redis-ha/templates/redis-haproxy-service.yaml +apiVersion: v1 +kind: Service +metadata: + name: argocd-redis-ha-haproxy + namespace: "argocd" + labels: + app: redis-ha + heritage: "Helm" + release: "argocd" + chart: redis-ha-4.34.11 + component: haproxy + annotations: +spec: + type: ClusterIP + ports: + - name: tcp-haproxy + port: 6379 + protocol: TCP + targetPort: redis + - name: http-exporter-port + port: 9101 + protocol: TCP + targetPort: metrics-port + selector: + release: argocd + app: redis-ha-haproxy +--- +# Source: argocd/charts/argo-cd/templates/argocd-application-controller/metrics.yaml +apiVersion: v1 +kind: Service +metadata: + name: argocd-application-controller-metrics + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-metrics + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: application-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +spec: + type: ClusterIP + ports: + - name: http-metrics + protocol: TCP + port: 8082 + targetPort: metrics + selector: + app.kubernetes.io/name: argocd-application-controller + app.kubernetes.io/instance: argocd +--- +# Source: argocd/charts/argo-cd/templates/argocd-applicationset/metrics.yaml +apiVersion: v1 +kind: Service +metadata: + name: argocd-applicationset-controller-metrics + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-metrics + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: applicationset-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +spec: + type: ClusterIP + ports: + - name: http-metrics + protocol: TCP + port: 8080 + targetPort: metrics + selector: + app.kubernetes.io/name: argocd-applicationset-controller + app.kubernetes.io/instance: argocd +--- +# Source: argocd/charts/argo-cd/templates/argocd-applicationset/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: argocd-applicationset-controller + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-applicationset-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: applicationset-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +spec: + type: ClusterIP + ports: + - name: http-webhook + port: 7000 + targetPort: webhook + selector: + app.kubernetes.io/name: argocd-applicationset-controller + app.kubernetes.io/instance: argocd +--- +# Source: argocd/charts/argo-cd/templates/argocd-notifications/metrics.yaml +apiVersion: v1 +kind: Service +metadata: + name: argocd-notifications-controller-metrics + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-metrics + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: notifications-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +spec: + type: ClusterIP + selector: + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: argocd + ports: + - name: http-metrics + protocol: TCP + port: 9001 + targetPort: metrics +--- +# Source: argocd/charts/argo-cd/templates/argocd-repo-server/metrics.yaml +apiVersion: v1 +kind: Service +metadata: + name: argocd-repo-server-metrics + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-repo-server-metrics + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: repo-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +spec: + type: ClusterIP + ports: + - name: http-metrics + protocol: TCP + port: 8084 + targetPort: metrics + selector: + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/instance: argocd +--- +# Source: argocd/charts/argo-cd/templates/argocd-repo-server/service.yaml +apiVersion: v1 +kind: Service +metadata: + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: repo-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" + name: argocd-repo-server + namespace: argocd +spec: + ports: + - name: tcp-repo-server + protocol: TCP + port: 8081 + targetPort: repo-server + selector: + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/instance: argocd +--- +# Source: argocd/charts/argo-cd/templates/argocd-server/metrics.yaml +apiVersion: v1 +kind: Service +metadata: + name: argocd-server-metrics + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-server-metrics + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +spec: + type: ClusterIP + ports: + - name: http-metrics + protocol: TCP + port: 8083 + targetPort: metrics + selector: + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: argocd +--- +# Source: argocd/charts/argo-cd/templates/argocd-server/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: argocd-server + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +spec: + type: ClusterIP + sessionAffinity: None + ports: + - name: http + protocol: TCP + port: 80 + targetPort: 8080 + - name: https + protocol: TCP + port: 443 + targetPort: 8080 + selector: + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: argocd +--- +# Source: argocd/charts/argo-cd/templates/dex/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: argocd-dex-server + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-dex-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: dex-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +spec: + ports: + - name: http + protocol: TCP + port: 5556 + targetPort: http + - name: grpc + protocol: TCP + port: 5557 + targetPort: grpc + - name: http-metrics + protocol: TCP + port: 5558 + targetPort: metrics + selector: + app.kubernetes.io/name: argocd-dex-server + app.kubernetes.io/instance: argocd +--- +# Source: argocd/charts/argo-cd/charts/redis-ha/templates/redis-haproxy-deployment.yaml +kind: Deployment +apiVersion: apps/v1 +metadata: + name: argocd-redis-ha-haproxy + namespace: "argocd" + labels: + app: redis-ha + heritage: "Helm" + release: "argocd" + chart: redis-ha-4.34.11 + component: haproxy +spec: + strategy: + type: RollingUpdate + revisionHistoryLimit: 1 + replicas: 3 + selector: + matchLabels: + app: redis-ha-haproxy + release: argocd + component: haproxy + template: + metadata: + name: argocd-redis-ha-haproxy + labels: + app: redis-ha-haproxy + release: argocd + component: haproxy + app.kubernetes.io/name: argocd-redis-ha-haproxy + annotations: + prometheus.io/port: "9101" + prometheus.io/scrape: "true" + prometheus.io/path: "/metrics" + checksum/config: 41729c8b600983b574147eb778eb317992f0a620e163e58b070b159548c3f8e6 + spec: + # Needed when using unmodified rbac-setup.yml + + serviceAccountName: argocd-redis-ha-haproxy + securityContext: + fsGroup: 99 + runAsNonRoot: true + runAsUser: 99 + automountServiceAccountToken: true + nodeSelector: + {} + tolerations: + [] + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app: redis-ha-haproxy + release: argocd + component: haproxy + topologyKey: kubernetes.io/hostname + initContainers: + - name: config-init + image: ecr-public.aws.com/docker/library/haproxy:3.0.8-alpine + imagePullPolicy: IfNotPresent + resources: + {} + command: + - sh + args: + - /readonly/haproxy_init.sh + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - name: config-volume + mountPath: /readonly + readOnly: true + - name: data + mountPath: /data + containers: + - name: haproxy + image: ecr-public.aws.com/docker/library/haproxy:3.0.8-alpine + imagePullPolicy: IfNotPresent + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + livenessProbe: + httpGet: + path: /healthz + port: probe + initialDelaySeconds: 5 + periodSeconds: 3 + readinessProbe: + httpGet: + path: /healthz + port: probe + initialDelaySeconds: 5 + periodSeconds: 3 + ports: + - name: probe + containerPort: 8888 + - name: redis + containerPort: 6379 + - name: metrics-port + containerPort: 9101 + resources: + {} + volumeMounts: + - name: data + mountPath: /usr/local/etc/haproxy + - name: shared-socket + mountPath: /run/haproxy + lifecycle: + {} + volumes: + - name: config-volume + configMap: + name: argocd-redis-ha-configmap + - name: shared-socket + emptyDir: + {} + - name: data + emptyDir: + {} +--- +# Source: argocd/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-applicationset-controller + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-applicationset-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: applicationset-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +spec: + replicas: 2 + revisionHistoryLimit: 3 + selector: + matchLabels: + app.kubernetes.io/name: argocd-applicationset-controller + app.kubernetes.io/instance: argocd + template: + metadata: + annotations: + checksum/cmd-params: bf2519278596ec7cee3e61f230a7b6ebbdcc8a5166fe036da04fccfdfa4ac1d1 + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-applicationset-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: applicationset-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" + spec: + terminationGracePeriodSeconds: 30 + serviceAccountName: argocd-applicationset-controller + automountServiceAccountToken: true + containers: + - name: applicationset-controller + image: quay.io/argoproj/argocd:v3.2.1 + imagePullPolicy: IfNotPresent + args: + - /usr/local/bin/argocd-applicationset-controller + - --metrics-addr=:8080 + - --probe-addr=:8081 + - --webhook-addr=:7000 + env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.global.preserved.annotations + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_LABELS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.global.preserved.labels + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.leader.election + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER + valueFrom: + configMapKeyRef: + key: repo.server + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.policy + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_POLICY_OVERRIDE + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.policy.override + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.debug + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGFORMAT + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.log.format + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGLEVEL + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.log.level + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_LOG_FORMAT_TIMESTAMP + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: log.format.timestamp + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_DRY_RUN + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.dryrun + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_GIT_MODULES_ENABLED + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.git.submodule + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_PROGRESSIVE_SYNCS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.progressive.syncs + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_TOKENREF_STRICT_MODE + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.tokenref.strict.mode + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.new.git.file.globbing + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_PLAINTEXT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.plaintext + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_STRICT_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.strict.tls + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.timeout.seconds + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_CONCURRENT_RECONCILIATIONS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.concurrent.reconciliations.max + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.namespaces + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.scm.root.ca.path + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.allowed.scm.providers + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_SCM_PROVIDERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.enable.scm.providers + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_GITHUB_API_METRICS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.enable.github.api.metrics + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_WEBHOOK_PARALLELISM_LIMIT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.webhook.parallelism.limit + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REQUEUE_AFTER + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.requeue.after + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_MAX_RESOURCES_STATUS_COUNT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.status.max.resources.count + optional: true + ports: + - name: metrics + containerPort: 8080 + protocol: TCP + - name: probe + containerPort: 8081 + protocol: TCP + - name: webhook + containerPort: 7000 + protocol: TCP + livenessProbe: + tcpSocket: + port: probe + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + readinessProbe: + tcpSocket: + port: probe + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /app/config/ssh + name: ssh-known-hosts + - mountPath: /app/config/tls + name: tls-certs + - mountPath: /app/config/gpg/source + name: gpg-keys + - mountPath: /app/config/gpg/keys + name: gpg-keyring + - mountPath: /app/config/reposerver/tls + name: argocd-repo-server-tls + - mountPath: /home/argocd/params + name: argocd-cmd-params-cm + - mountPath: /tmp + name: tmp + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: argocd-applicationset-controller + topologyKey: kubernetes.io/hostname + nodeSelector: + kubernetes.io/os: linux + volumes: + - name: ssh-known-hosts + configMap: + name: argocd-ssh-known-hosts-cm + - name: tls-certs + configMap: + name: argocd-tls-certs-cm + - name: gpg-keys + configMap: + name: argocd-gpg-keys-cm + - name: gpg-keyring + emptyDir: {} + - name: tmp + emptyDir: {} + - name: argocd-repo-server-tls + secret: + secretName: argocd-repo-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + - name: argocd-cmd-params-cm + configMap: + optional: true + name: argocd-cmd-params-cm + items: + - key: applicationsetcontroller.profile.enabled + path: profiler.enabled + dnsPolicy: ClusterFirst +--- +# Source: argocd/charts/argo-cd/templates/argocd-notifications/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-notifications-controller + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: notifications-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +spec: + replicas: 1 + revisionHistoryLimit: 3 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: argocd + template: + metadata: + annotations: + checksum/cmd-params: bf2519278596ec7cee3e61f230a7b6ebbdcc8a5166fe036da04fccfdfa4ac1d1 + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-notifications-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: notifications-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" + spec: + terminationGracePeriodSeconds: 30 + serviceAccountName: argocd-notifications-controller + automountServiceAccountToken: true + containers: + - name: notifications-controller + image: quay.io/argoproj/argocd:v3.2.1 + imagePullPolicy: IfNotPresent + args: + - /usr/local/bin/argocd-notifications + - --metrics-port=9001 + - --namespace=argocd + - --argocd-repo-server=argocd-repo-server:8081 + - --secret-name=argocd-notifications-secret + env: + - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL + valueFrom: + configMapKeyRef: + key: notificationscontroller.log.level + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT + valueFrom: + configMapKeyRef: + key: notificationscontroller.log.format + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_LOG_FORMAT_TIMESTAMP + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: log.format.timestamp + optional: true + - name: ARGOCD_APPLICATION_NAMESPACES + valueFrom: + configMapKeyRef: + key: application.namespaces + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_NOTIFICATION_CONTROLLER_SELF_SERVICE_NOTIFICATION_ENABLED + valueFrom: + configMapKeyRef: + key: notificationscontroller.selfservice.enabled + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_NOTIFICATION_CONTROLLER_REPO_SERVER_PLAINTEXT + valueFrom: + configMapKeyRef: + key: notificationscontroller.repo.server.plaintext + name: argocd-cmd-params-cm + optional: true + ports: + - name: metrics + containerPort: 9001 + protocol: TCP + livenessProbe: + tcpSocket: + port: metrics + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + readinessProbe: + tcpSocket: + port: metrics + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + workingDir: /app + volumeMounts: + - name: tls-certs + mountPath: /app/config/tls + - name: argocd-repo-server-tls + mountPath: /app/config/reposerver/tls + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: argocd-notifications-controller + topologyKey: kubernetes.io/hostname + nodeSelector: + kubernetes.io/os: linux + volumes: + - name: tls-certs + configMap: + name: argocd-tls-certs-cm + - name: argocd-repo-server-tls + secret: + secretName: argocd-repo-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + dnsPolicy: ClusterFirst +--- +# Source: argocd/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-repo-server + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: repo-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +spec: + replicas: 2 + revisionHistoryLimit: 3 + selector: + matchLabels: + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/instance: argocd + template: + metadata: + annotations: + checksum/cmd-params: bf2519278596ec7cee3e61f230a7b6ebbdcc8a5166fe036da04fccfdfa4ac1d1 + checksum/cm: b85950385c4567f0f6332e53f51df2bbe58a65f5771ac318c863d1b4e831ff9b + checksum/cmp-cm: 889b23506729520737104bb8fb0d94e269ba3ec96a1a0e9ffe5c7bdf1025801c + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: repo-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" + spec: + terminationGracePeriodSeconds: 30 + serviceAccountName: argocd-repo-server + automountServiceAccountToken: true + containers: + - name: repo-server + image: quay.io/argoproj/argocd:v3.2.1 + imagePullPolicy: IfNotPresent + args: + - /usr/local/bin/argocd-repo-server + - --port=8081 + - --metrics-port=8084 + env: + - name: ARGOCD_REPO_SERVER_NAME + value: argocd-repo-server + - name: ARGOCD_RECONCILIATION_TIMEOUT + valueFrom: + configMapKeyRef: + name: argocd-cm + key: timeout.reconciliation + optional: true + - name: ARGOCD_REPO_SERVER_LOGFORMAT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.log.format + optional: true + - name: ARGOCD_REPO_SERVER_LOGLEVEL + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.log.level + optional: true + - name: ARGOCD_LOG_FORMAT_TIMESTAMP + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: log.format.timestamp + optional: true + - name: ARGOCD_REPO_SERVER_PARALLELISM_LIMIT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.parallelism.limit + optional: true + - name: ARGOCD_REPO_SERVER_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.listen.address + optional: true + - name: ARGOCD_REPO_SERVER_LISTEN_METRICS_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.metrics.listen.address + optional: true + - name: ARGOCD_REPO_SERVER_DISABLE_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.disable.tls + optional: true + - name: ARGOCD_TLS_MIN_VERSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.tls.minversion + optional: true + - name: ARGOCD_TLS_MAX_VERSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.tls.maxversion + optional: true + - name: ARGOCD_TLS_CIPHERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.tls.ciphers + optional: true + - name: ARGOCD_REPO_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.repo.cache.expiration + optional: true + - name: REDIS_SERVER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.server + optional: true + - name: REDIS_COMPRESSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.compression + optional: true + - name: REDISDB + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.db + optional: true + - name: REDIS_USERNAME + valueFrom: + secretKeyRef: + name: "argocd-redis" + key: redis-username + optional: true + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: "argocd-redis" # hard-coded in Job command and embedded Redis deployments (standalone and redis-ha) + key: auth + optional: false # Secret is not optional in this case ! + - name: REDIS_SENTINEL_USERNAME + valueFrom: + secretKeyRef: + name: argocd-redis-ha-haproxy + key: redis-sentinel-username + optional: true + - name: REDIS_SENTINEL_PASSWORD + valueFrom: + secretKeyRef: + name: argocd-redis-ha-haproxy + key: redis-sentinel-password + optional: true + - name: ARGOCD_DEFAULT_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.default.cache.expiration + optional: true + - name: ARGOCD_REPO_SERVER_OTLP_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.address + optional: true + - name: ARGOCD_REPO_SERVER_OTLP_INSECURE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.insecure + optional: true + - name: ARGOCD_REPO_SERVER_OTLP_HEADERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.headers + optional: true + - name: ARGOCD_REPO_SERVER_OTLP_ATTRS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.attrs + optional: true + - name: ARGOCD_REPO_SERVER_MAX_COMBINED_DIRECTORY_MANIFESTS_SIZE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.max.combined.directory.manifests.size + optional: true + - name: ARGOCD_REPO_SERVER_PLUGIN_TAR_EXCLUSIONS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.plugin.tar.exclusions + optional: true + - name: ARGOCD_REPO_SERVER_PLUGIN_USE_MANIFEST_GENERATE_PATHS + valueFrom: + configMapKeyRef: + key: reposerver.plugin.use.manifest.generate.paths + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_ALLOW_OUT_OF_BOUNDS_SYMLINKS + valueFrom: + configMapKeyRef: + key: reposerver.allow.oob.symlinks + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_TAR_SIZE + valueFrom: + configMapKeyRef: + key: reposerver.streamed.manifest.max.tar.size + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_EXTRACTED_SIZE + valueFrom: + configMapKeyRef: + key: reposerver.streamed.manifest.max.extracted.size + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_HELM_MANIFEST_MAX_EXTRACTED_SIZE + valueFrom: + configMapKeyRef: + key: reposerver.helm.manifest.max.extracted.size + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_DISABLE_HELM_MANIFEST_MAX_EXTRACTED_SIZE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.disable.helm.manifest.max.extracted.size + optional: true + - name: ARGOCD_GIT_MODULES_ENABLED + valueFrom: + configMapKeyRef: + key: reposerver.enable.git.submodule + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_GIT_LS_REMOTE_PARALLELISM_LIMIT + valueFrom: + configMapKeyRef: + key: reposerver.git.lsremote.parallelism.limit + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_GIT_REQUEST_TIMEOUT + valueFrom: + configMapKeyRef: + key: reposerver.git.request.timeout + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_OCI_MANIFEST_MAX_EXTRACTED_SIZE + valueFrom: + configMapKeyRef: + key: reposerver.oci.manifest.max.extracted.size + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_DISABLE_OCI_MANIFEST_MAX_EXTRACTED_SIZE + valueFrom: + configMapKeyRef: + key: reposerver.disable.oci.manifest.max.extracted.size + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_OCI_LAYER_MEDIA_TYPES + valueFrom: + configMapKeyRef: + key: reposerver.oci.layer.media.types + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REVISION_CACHE_LOCK_TIMEOUT + valueFrom: + configMapKeyRef: + key: reposerver.revision.cache.lock.timeout + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_ENABLE_BUILTIN_GIT_CONFIG + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.enable.builtin.git.config + optional: true + - name: ARGOCD_GRPC_MAX_SIZE_MB + valueFrom: + configMapKeyRef: + key: reposerver.grpc.max.size + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_INCLUDE_HIDDEN_DIRECTORIES + valueFrom: + configMapKeyRef: + key: reposerver.include.hidden.directories + name: argocd-cmd-params-cm + optional: true + - name: HELM_CACHE_HOME + value: /helm-working-dir + - name: HELM_CONFIG_HOME + value: /helm-working-dir + - name: HELM_DATA_HOME + value: /helm-working-dir + volumeMounts: + - mountPath: /app/config/ssh + name: ssh-known-hosts + - mountPath: /app/config/tls + name: tls-certs + - mountPath: /app/config/gpg/source + name: gpg-keys + - mountPath: /app/config/gpg/keys + name: gpg-keyring + - mountPath: /app/config/reposerver/tls + name: argocd-repo-server-tls + - mountPath: /helm-working-dir + name: helm-working-dir + - mountPath: /home/argocd/cmp-server/plugins + name: plugins + - mountPath: /tmp + name: tmp + ports: + - name: repo-server + containerPort: 8081 + protocol: TCP + - name: metrics + containerPort: 8084 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz?full=true + port: metrics + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /healthz + port: metrics + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + - command: + - /var/run/argocd/argocd-cmp-server + image: ghcr.io/akuity/cdk8s-cmp-typescript:1.0 + name: cmp-cdk8s + securityContext: + runAsNonRoot: true + runAsUser: 999 + volumeMounts: + - mountPath: /var/run/argocd + name: var-files + - mountPath: /home/argocd/cmp-server/plugins + name: plugins + - mountPath: /home/argocd/cmp-server/config/plugin.yaml + name: argocd-cmp-cm + subPath: cdk8s.yaml + - mountPath: /tmp + name: cmp-tmp + initContainers: + - command: + - /bin/cp + - -n + - /usr/local/bin/argocd + - /var/run/argocd/argocd-cmp-server + image: quay.io/argoproj/argocd:v3.2.1 + imagePullPolicy: IfNotPresent + name: copyutil + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /var/run/argocd + name: var-files + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: argocd-repo-server + topologyKey: kubernetes.io/hostname + nodeSelector: + kubernetes.io/os: linux + volumes: + - configMap: + name: argocd-cmp-cm + name: argocd-cmp-cm + - emptyDir: {} + name: cmp-tmp + - name: helm-working-dir + emptyDir: {} + - name: plugins + emptyDir: {} + - name: var-files + emptyDir: {} + - name: tmp + emptyDir: {} + - name: ssh-known-hosts + configMap: + name: argocd-ssh-known-hosts-cm + - name: tls-certs + configMap: + name: argocd-tls-certs-cm + - name: gpg-keys + configMap: + name: argocd-gpg-keys-cm + - name: gpg-keyring + emptyDir: {} + - name: argocd-repo-server-tls + secret: + secretName: argocd-repo-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + dnsPolicy: ClusterFirst +--- +# Source: argocd/charts/argo-cd/templates/argocd-server/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-server + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +spec: + replicas: 2 + revisionHistoryLimit: 3 + selector: + matchLabels: + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: argocd + template: + metadata: + annotations: + checksum/cmd-params: bf2519278596ec7cee3e61f230a7b6ebbdcc8a5166fe036da04fccfdfa4ac1d1 + checksum/cm: b85950385c4567f0f6332e53f51df2bbe58a65f5771ac318c863d1b4e831ff9b + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" + spec: + terminationGracePeriodSeconds: 30 + serviceAccountName: argocd-server + automountServiceAccountToken: true + containers: + - name: server + image: quay.io/argoproj/argocd:v3.2.1 + imagePullPolicy: IfNotPresent + args: + - /usr/local/bin/argocd-server + - --port=8080 + - --metrics-port=8083 + env: + - name: ARGOCD_SERVER_NAME + value: argocd-server + - name: ARGOCD_SERVER_INSECURE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.insecure + optional: true + - name: ARGOCD_SERVER_BASEHREF + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.basehref + optional: true + - name: ARGOCD_SERVER_ROOTPATH + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.rootpath + optional: true + - name: ARGOCD_SERVER_LOGFORMAT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.log.format + optional: true + - name: ARGOCD_SERVER_LOG_LEVEL + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.log.level + optional: true + - name: ARGOCD_SERVER_REPO_SERVER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: repo.server + optional: true + - name: ARGOCD_SERVER_DEX_SERVER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.dex.server + optional: true + - name: ARGOCD_SERVER_DISABLE_AUTH + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.disable.auth + optional: true + - name: ARGOCD_SERVER_ENABLE_GZIP + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.enable.gzip + optional: true + - name: ARGOCD_SERVER_REPO_SERVER_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.repo.server.timeout.seconds + optional: true + - name: ARGOCD_SERVER_X_FRAME_OPTIONS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.x.frame.options + optional: true + - name: ARGOCD_SERVER_CONTENT_SECURITY_POLICY + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.content.security.policy + optional: true + - name: ARGOCD_SERVER_REPO_SERVER_PLAINTEXT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.repo.server.plaintext + optional: true + - name: ARGOCD_SERVER_REPO_SERVER_STRICT_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.repo.server.strict.tls + optional: true + - name: ARGOCD_SERVER_DEX_SERVER_PLAINTEXT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.dex.server.plaintext + optional: true + - name: ARGOCD_SERVER_DEX_SERVER_STRICT_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.dex.server.strict.tls + optional: true + - name: ARGOCD_TLS_MIN_VERSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.tls.minversion + optional: true + - name: ARGOCD_TLS_MAX_VERSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.tls.maxversion + optional: true + - name: ARGOCD_TLS_CIPHERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.tls.ciphers + optional: true + - name: ARGOCD_SERVER_CONNECTION_STATUS_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.connection.status.cache.expiration + optional: true + - name: ARGOCD_SERVER_OIDC_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.oidc.cache.expiration + optional: true + - name: ARGOCD_SERVER_STATIC_ASSETS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.staticassets + optional: true + - name: ARGOCD_APP_STATE_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.app.state.cache.expiration + optional: true + - name: REDIS_SERVER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.server + optional: true + - name: REDIS_COMPRESSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.compression + optional: true + - name: REDISDB + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.db + optional: true + - name: REDIS_USERNAME + valueFrom: + secretKeyRef: + name: "argocd-redis" + key: redis-username + optional: true + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: "argocd-redis" # hard-coded in Job command and embedded Redis deployments (standalone and redis-ha) + key: auth + optional: false # Secret is not optional in this case ! + - name: REDIS_SENTINEL_USERNAME + valueFrom: + secretKeyRef: + name: argocd-redis-ha-haproxy + key: redis-sentinel-username + optional: true + - name: REDIS_SENTINEL_PASSWORD + valueFrom: + secretKeyRef: + name: argocd-redis-ha-haproxy + key: redis-sentinel-password + optional: true + - name: ARGOCD_DEFAULT_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.default.cache.expiration + optional: true + - name: ARGOCD_MAX_COOKIE_NUMBER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.http.cookie.maxnumber + optional: true + - name: ARGOCD_SERVER_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.listen.address + optional: true + - name: ARGOCD_SERVER_METRICS_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.metrics.listen.address + optional: true + - name: ARGOCD_SERVER_OTLP_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.address + optional: true + - name: ARGOCD_SERVER_OTLP_INSECURE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.insecure + optional: true + - name: ARGOCD_SERVER_OTLP_HEADERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.headers + optional: true + - name: ARGOCD_SERVER_OTLP_ATTRS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.attrs + optional: true + - name: ARGOCD_APPLICATION_NAMESPACES + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: application.namespaces + optional: true + - name: ARGOCD_SERVER_ENABLE_PROXY_EXTENSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.enable.proxy.extension + optional: true + - name: ARGOCD_K8SCLIENT_RETRY_MAX + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.k8sclient.retry.max + optional: true + - name: ARGOCD_K8SCLIENT_RETRY_BASE_BACKOFF + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.k8sclient.retry.base.backoff + optional: true + - name: ARGOCD_API_CONTENT_TYPES + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.api.content.types + optional: true + - name: ARGOCD_SERVER_WEBHOOK_PARALLELISM_LIMIT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.webhook.parallelism.limit + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.new.git.file.globbing + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.scm.root.ca.path + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.allowed.scm.providers + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_SCM_PROVIDERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.enable.scm.providers + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_GITHUB_API_METRICS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.enable.github.api.metrics + optional: true + - name: ARGOCD_HYDRATOR_ENABLED + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: hydrator.enabled + optional: true + - name: ARGOCD_SYNC_WITH_REPLACE_ALLOWED + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.sync.replace.allowed + optional: true + volumeMounts: + - mountPath: /app/config/ssh + name: ssh-known-hosts + - mountPath: /app/config/tls + name: tls-certs + - mountPath: /app/config/server/tls + name: argocd-repo-server-tls + - mountPath: /app/config/dex/tls + name: argocd-dex-server-tls + - mountPath: /home/argocd + name: plugins-home + - mountPath: /shared/app/custom + name: styles + - mountPath: /tmp + name: tmp + - name: argocd-cmd-params-cm + mountPath: /home/argocd/params + - mountPath: /tmp/extensions + name: extensions + ports: + - name: server + containerPort: 8080 + protocol: TCP + - name: metrics + containerPort: 8083 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz?full=true + port: server + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /healthz + port: server + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + initContainers: + - name: extension-trivy + image: quay.io/argoprojlabs/argocd-extension-installer:v0.0.8 + imagePullPolicy: IfNotPresent + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + volumeMounts: + - name: extensions + mountPath: /tmp/extensions/ + - name: tmp + mountPath: /tmp + env: + - name: EXTENSION_URL + value: https://github.com/mziyabo/argocd-trivy-extension/releases/download/v0.2.0/extension-trivy.tar + - name: EXTENSION_CHECKSUM_URL + value: https://github.com/mziyabo/argocd-trivy-extension/releases/download/v0.2.0/extension-trivy_checksums.txt + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: argocd-server + topologyKey: kubernetes.io/hostname + nodeSelector: + kubernetes.io/os: linux + volumes: + - name: extensions + emptyDir: {} + - name: plugins-home + emptyDir: {} + - name: tmp + emptyDir: {} + - name: ssh-known-hosts + configMap: + name: argocd-ssh-known-hosts-cm + - name: tls-certs + configMap: + name: argocd-tls-certs-cm + - name: styles + configMap: + name: argocd-styles-cm + optional: true + - name: argocd-repo-server-tls + secret: + secretName: argocd-repo-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + - name: argocd-dex-server-tls + secret: + secretName: argocd-dex-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: ca.crt + path: ca.crt + - name: argocd-cmd-params-cm + configMap: + optional: true + name: argocd-cmd-params-cm + items: + - key: server.profile.enabled + path: profiler.enabled + dnsPolicy: ClusterFirst +--- +# Source: argocd/charts/argo-cd/templates/dex/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-dex-server + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-dex-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: dex-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +spec: + replicas: 1 + revisionHistoryLimit: 3 + selector: + matchLabels: + app.kubernetes.io/name: argocd-dex-server + app.kubernetes.io/instance: argocd + template: + metadata: + annotations: + checksum/cmd-params: bf2519278596ec7cee3e61f230a7b6ebbdcc8a5166fe036da04fccfdfa4ac1d1 + checksum/cm: b85950385c4567f0f6332e53f51df2bbe58a65f5771ac318c863d1b4e831ff9b + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-dex-server + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: dex-server + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" + spec: + terminationGracePeriodSeconds: 30 + serviceAccountName: argocd-dex-server + automountServiceAccountToken: true + containers: + - name: dex-server + image: ghcr.io/dexidp/dex:v2.44.0 + imagePullPolicy: IfNotPresent + command: + - /shared/argocd-dex + args: + - rundex + env: + - name: ARGOCD_DEX_SERVER_LOGFORMAT + valueFrom: + configMapKeyRef: + key: dexserver.log.format + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_DEX_SERVER_LOGLEVEL + valueFrom: + configMapKeyRef: + key: dexserver.log.level + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_LOG_FORMAT_TIMESTAMP + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: log.format.timestamp + optional: true + - name: ARGOCD_DEX_SERVER_DISABLE_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: dexserver.disable.tls + optional: true + ports: + - name: http + containerPort: 5556 + protocol: TCP + - name: grpc + containerPort: 5557 + protocol: TCP + - name: metrics + containerPort: 5558 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz/live + port: metrics + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /healthz/ready + port: metrics + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - name: static-files + mountPath: /shared + - name: dexconfig + mountPath: /tmp + - name: argocd-dex-server-tls + mountPath: /tls + initContainers: + - name: copyutil + image: quay.io/argoproj/argocd:v3.2.1 + imagePullPolicy: IfNotPresent + command: + - /bin/cp + - -n + - /usr/local/bin/argocd + - /shared/argocd-dex + volumeMounts: + - mountPath: /shared + name: static-files + - mountPath: /tmp + name: dexconfig + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: argocd-dex-server + topologyKey: kubernetes.io/hostname + nodeSelector: + kubernetes.io/os: linux + volumes: + - name: static-files + emptyDir: {} + - name: dexconfig + emptyDir: {} + - name: argocd-dex-server-tls + secret: + secretName: argocd-dex-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + dnsPolicy: ClusterFirst +--- +# Source: argocd/charts/argo-cd/charts/redis-ha/templates/redis-ha-statefulset.yaml +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: argocd-redis-ha-server + namespace: "argocd" + labels: + argocd-redis-ha: replica + app: redis-ha + heritage: "Helm" + release: "argocd" + chart: redis-ha-4.34.11 + annotations: + {} +spec: + selector: + matchLabels: + release: argocd + app: redis-ha + serviceName: argocd-redis-ha + replicas: 3 + podManagementPolicy: OrderedReady + updateStrategy: + type: RollingUpdate + template: + metadata: + annotations: + checksum/init-config: ba53465a7f9221d17ea160133c99baec040e67b7b15fb4743adc8eca497cdf89 + labels: + release: argocd + app: redis-ha + argocd-redis-ha: replica + spec: + terminationGracePeriodSeconds: 60 + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app: redis-ha + release: argocd + argocd-redis-ha: replica + topologyKey: kubernetes.io/hostname + securityContext: + fsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + serviceAccountName: argocd-redis-ha + automountServiceAccountToken: false + initContainers: + - name: config-init + image: ecr-public.aws.com/docker/library/redis:8.2.2-alpine + imagePullPolicy: IfNotPresent + resources: + {} + command: + - sh + args: + - /readonly-config/init.sh + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + env: + - name: SENTINEL_ID_0 + value: 3c0d9c0320bb34888c2df5757c718ce6ca992ce6 + - name: SENTINEL_ID_1 + value: 40000915ab58c3fa8fd888fb8b24711944e6cbb4 + - name: SENTINEL_ID_2 + value: 2bbec7894d954a8af3bb54d13eaec53cb024e2ca + volumeMounts: + - name: config + mountPath: /readonly-config + readOnly: true + - name: data + mountPath: /data + + + + containers: + - name: redis + image: ecr-public.aws.com/docker/library/redis:8.2.2-alpine + imagePullPolicy: IfNotPresent + command: + - redis-server + args: + - /data/conf/redis.conf + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + livenessProbe: + initialDelaySeconds: 30 + periodSeconds: 15 + timeoutSeconds: 15 + successThreshold: 1 + failureThreshold: 5 + exec: + command: + - sh + - -c + - /health/redis_liveness.sh + readinessProbe: + initialDelaySeconds: 30 + periodSeconds: 15 + timeoutSeconds: 15 + successThreshold: 1 + failureThreshold: 5 + exec: + command: + - sh + - -c + - /health/redis_readiness.sh + startupProbe: + initialDelaySeconds: 30 + periodSeconds: 15 + timeoutSeconds: 15 + successThreshold: 1 + failureThreshold: 5 + exec: + command: + - sh + - -c + - /health/redis_readiness.sh + resources: + {} + ports: + - name: redis + containerPort: 6379 + volumeMounts: + - name: config + mountPath: /readonly-config + readOnly: true + - mountPath: /data + name: data + - mountPath: /health + name: health + lifecycle: + preStop: + exec: + command: + - /bin/sh + - /readonly-config/trigger-failover-if-master.sh + - name: sentinel + image: ecr-public.aws.com/docker/library/redis:8.2.2-alpine + imagePullPolicy: IfNotPresent + command: + - redis-sentinel + args: + - /data/conf/sentinel.conf + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + livenessProbe: + initialDelaySeconds: 30 + periodSeconds: 15 + timeoutSeconds: 15 + successThreshold: 1 + failureThreshold: 5 + exec: + command: + - sh + - -c + - /health/sentinel_liveness.sh + readinessProbe: + initialDelaySeconds: 30 + periodSeconds: 15 + timeoutSeconds: 15 + successThreshold: 3 + failureThreshold: 5 + exec: + command: + - sh + - -c + - /health/sentinel_liveness.sh + startupProbe: + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 15 + successThreshold: 1 + failureThreshold: 3 + exec: + command: + - sh + - -c + - /health/sentinel_liveness.sh + resources: + {} + ports: + - name: sentinel + containerPort: 26379 + volumeMounts: + - mountPath: /data + name: data + - mountPath: /health + name: health + lifecycle: + {} + + - name: split-brain-fix + image: ecr-public.aws.com/docker/library/redis:8.2.2-alpine + imagePullPolicy: IfNotPresent + command: + - sh + args: + - /readonly-config/fix-split-brain.sh + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + env: + - name: SENTINEL_ID_0 + value: 3c0d9c0320bb34888c2df5757c718ce6ca992ce6 + - name: SENTINEL_ID_1 + value: 40000915ab58c3fa8fd888fb8b24711944e6cbb4 + - name: SENTINEL_ID_2 + value: 2bbec7894d954a8af3bb54d13eaec53cb024e2ca + resources: + {} + volumeMounts: + - name: config + mountPath: /readonly-config + readOnly: true + - mountPath: /data + name: data + volumes: + - name: config + configMap: + name: argocd-redis-ha-configmap + - name: health + configMap: + name: argocd-redis-ha-health-configmap + defaultMode: 0755 + - name: data + emptyDir: + {} +--- +# Source: argocd/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: argocd-application-controller + namespace: argocd + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-application-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: application-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +spec: + replicas: 1 + revisionHistoryLimit: 5 + serviceName: argocd-application-controller + selector: + matchLabels: + app.kubernetes.io/name: argocd-application-controller + app.kubernetes.io/instance: argocd + template: + metadata: + annotations: + checksum/cmd-params: bf2519278596ec7cee3e61f230a7b6ebbdcc8a5166fe036da04fccfdfa4ac1d1 + checksum/cm: b85950385c4567f0f6332e53f51df2bbe58a65f5771ac318c863d1b4e831ff9b + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-application-controller + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: application-controller + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" + spec: + terminationGracePeriodSeconds: 30 + serviceAccountName: argocd-application-controller + automountServiceAccountToken: true + containers: + - args: + - /usr/local/bin/argocd-application-controller + - --metrics-port=8082 + image: quay.io/argoproj/argocd:v3.2.1 + imagePullPolicy: IfNotPresent + name: application-controller + env: + - name: ARGOCD_CONTROLLER_REPLICAS + value: "1" + - name: ARGOCD_APPLICATION_CONTROLLER_NAME + value: argocd-application-controller + - name: ARGOCD_RECONCILIATION_TIMEOUT + valueFrom: + configMapKeyRef: + name: argocd-cm + key: timeout.reconciliation + optional: true + - name: ARGOCD_HARD_RECONCILIATION_TIMEOUT + valueFrom: + configMapKeyRef: + name: argocd-cm + key: timeout.hard.reconciliation + optional: true + - name: ARGOCD_RECONCILIATION_JITTER + valueFrom: + configMapKeyRef: + key: timeout.reconciliation.jitter + name: argocd-cm + optional: true + - name: ARGOCD_REPO_ERROR_GRACE_PERIOD_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.repo.error.grace.period.seconds + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: repo.server + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.repo.server.timeout.seconds + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_STATUS_PROCESSORS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.status.processors + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_OPERATION_PROCESSORS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.operation.processors + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_LOGFORMAT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.log.format + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_LOGLEVEL + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.log.level + optional: true + - name: ARGOCD_LOG_FORMAT_TIMESTAMP + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: log.format.timestamp + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_METRICS_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.metrics.cache.expiration + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.self.heal.timeout.seconds + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_BACKOFF_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.self.heal.backoff.timeout.seconds + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_BACKOFF_FACTOR + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.self.heal.backoff.factor + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_BACKOFF_CAP_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.self.heal.backoff.cap.seconds + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_BACKOFF_COOLDOWN_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.self.heal.backoff.cooldown.seconds + optional: true + - name: ARGOCD_SYNC_WAVE_DELAY + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.sync.wave.delay.seconds + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SYNC_TIMEOUT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.sync.timeout.seconds + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_PLAINTEXT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.repo.server.plaintext + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_STRICT_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.repo.server.strict.tls + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_PERSIST_RESOURCE_HEALTH + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.resource.health.persist + optional: true + - name: ARGOCD_APP_STATE_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.app.state.cache.expiration + optional: true + - name: REDIS_SERVER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.server + optional: true + - name: REDIS_COMPRESSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.compression + optional: true + - name: REDISDB + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.db + optional: true + - name: REDIS_USERNAME + valueFrom: + secretKeyRef: + name: "argocd-redis" + key: redis-username + optional: true + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: "argocd-redis" # hard-coded in Job command and embedded Redis deployments (standalone and redis-ha) + key: auth + optional: false # Secret is not optional in this case ! + - name: REDIS_SENTINEL_USERNAME + valueFrom: + secretKeyRef: + name: argocd-redis-ha-haproxy + key: redis-sentinel-username + optional: true + - name: REDIS_SENTINEL_PASSWORD + valueFrom: + secretKeyRef: + name: argocd-redis-ha-haproxy + key: redis-sentinel-password + optional: true + - name: ARGOCD_DEFAULT_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.default.cache.expiration + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.address + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_INSECURE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.insecure + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_HEADERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.headers + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_ATTRS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.attrs + optional: true + - name: ARGOCD_APPLICATION_NAMESPACES + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: application.namespaces + optional: true + - name: ARGOCD_CONTROLLER_SHARDING_ALGORITHM + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.sharding.algorithm + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_KUBECTL_PARALLELISM_LIMIT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.kubectl.parallelism.limit + optional: true + - name: ARGOCD_K8SCLIENT_RETRY_MAX + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.k8sclient.retry.max + optional: true + - name: ARGOCD_K8SCLIENT_RETRY_BASE_BACKOFF + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.k8sclient.retry.base.backoff + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SERVER_SIDE_DIFF + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.diff.server.side + optional: true + - name: ARGOCD_IGNORE_NORMALIZER_JQ_TIMEOUT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.ignore.normalizer.jq.timeout + optional: true + - name: ARGOCD_HYDRATOR_ENABLED + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: hydrator.enabled + optional: true + - name: ARGOCD_CLUSTER_CACHE_BATCH_EVENTS_PROCESSING + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.cluster.cache.batch.events.processing + optional: true + - name: ARGOCD_CLUSTER_CACHE_EVENTS_PROCESSING_INTERVAL + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.cluster.cache.events.processing.interval + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_COMMIT_SERVER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: commit.server + optional: true + - name: KUBECACHEDIR + value: /tmp/kubecache + ports: + - name: metrics + containerPort: 8082 + protocol: TCP + readinessProbe: + httpGet: + path: /healthz + port: metrics + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + workingDir: /home/argocd + volumeMounts: + - mountPath: /app/config/controller/tls + name: argocd-repo-server-tls + - mountPath: /home/argocd + name: argocd-home + - name: argocd-cmd-params-cm + mountPath: /home/argocd/params + - name: argocd-application-controller-tmp + mountPath: /tmp + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: argocd-application-controller + topologyKey: kubernetes.io/hostname + nodeSelector: + kubernetes.io/os: linux + volumes: + - name: argocd-home + emptyDir: {} + - name: argocd-application-controller-tmp + emptyDir: {} + - name: argocd-repo-server-tls + secret: + secretName: argocd-repo-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + - name: argocd-cmd-params-cm + configMap: + optional: true + name: argocd-cmd-params-cm + items: + - key: controller.profile.enabled + path: profiler.enabled + dnsPolicy: ClusterFirst +--- +# Source: argocd/templates/external-secret.yaml +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: argocd-oidc-secret + namespace: argocd + labels: + app.kubernetes.io/name: argocd-oidc-secret + app.kubernetes.io/instance: argocd + app.kubernetes.io/part-of: argocd +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + data: + - secretKey: secret + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /authentik/oidc/argocd + metadataPolicy: None + property: secret + - secretKey: client + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /authentik/oidc/argocd + metadataPolicy: None + property: client +--- +# Source: argocd/templates/external-secret.yaml +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: argocd-notifications-secret + namespace: argocd + labels: + app.kubernetes.io/name: argocd-notifications-secret + app.kubernetes.io/instance: argocd + app.kubernetes.io/part-of: argocd +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + data: + - secretKey: ntfy-token + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /ntfy/user/cl01tl + metadataPolicy: None + property: token + +# --- +# apiVersion: external-secrets.io/v1 +# kind: ExternalSecret +# metadata: +# name: argocd-gitea-repo-infrastructure-secret +# namespace: argocd +# labels: +# app.kubernetes.io/name: argocd-gitea-repo-infrastructure-secret +# app.kubernetes.io/instance: argocd +# app.kubernetes.io/part-of: argocd +# spec: +# secretStoreRef: +# kind: ClusterSecretStore +# name: vault +# data: +# - secretKey: type +# remoteRef: +# conversionStrategy: Default +# decodingStrategy: None +# key: /cl01tl/argocd/credentials/repo/infrastructure +# metadataPolicy: None +# property: type +# - secretKey: url +# remoteRef: +# conversionStrategy: Default +# decodingStrategy: None +# key: /cl01tl/argocd/credentials/repo/infrastructure +# metadataPolicy: None +# property: url +# - secretKey: sshPrivateKey +# remoteRef: +# conversionStrategy: Default +# decodingStrategy: None +# key: /cl01tl/argocd/credentials/repo/infrastructure +# metadataPolicy: None +# property: sshPrivateKey +--- +# Source: argocd/templates/http-route.yaml +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: http-route-argocd + namespace: argocd + labels: + app.kubernetes.io/name: http-route-argocd + app.kubernetes.io/instance: argocd + app.kubernetes.io/part-of: argocd +spec: + parentRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: traefik-gateway + namespace: traefik + hostnames: + - argocd.alexlebens.net + rules: + - matches: + - path: + type: PathPrefix + value: / + backendRefs: + - group: '' + kind: Service + name: argocd-server + port: 80 + weight: 100 +--- +# Source: argocd/charts/argo-cd/templates/redis-secret-init/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: argocd-redis-secret-init + namespace: "argocd" + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-redis-secret-init + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: redis-secret-init + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +--- +# Source: argocd/charts/argo-cd/templates/redis-secret-init/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-redis-secret-init + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: redis-secret-init + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" + name: argocd-redis-secret-init + namespace: "argocd" +rules: + - apiGroups: + - "" + resources: + - secrets + resourceNames: + - argocd-redis + verbs: + - get + - apiGroups: + - "" + resources: + - secrets + verbs: + - create +--- +# Source: argocd/charts/argo-cd/templates/redis-secret-init/rolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-redis-secret-init + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: redis-secret-init + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" + name: argocd-redis-secret-init + namespace: "argocd" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-redis-secret-init +subjects: + - kind: ServiceAccount + name: argocd-redis-secret-init +--- +# Source: argocd/charts/argo-cd/charts/redis-ha/templates/tests/test-redis-ha-configmap.yaml +apiVersion: v1 +kind: Pod +metadata: + name: argocd-redis-ha-configmap-test + namespace: "argocd" + labels: + app: redis-ha + heritage: "Helm" + release: "argocd" + chart: redis-ha-4.34.11 + annotations: + "helm.sh/hook": test-success +spec: + nodeSelector: + {} + tolerations: + [] + containers: + - name: check-init + image: koalaman/shellcheck:v0.10.0 + args: + - --shell=sh + - /readonly-config/init.sh + volumeMounts: + - name: config + mountPath: /readonly-config + readOnly: true + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + restartPolicy: Never + volumes: + - name: config + configMap: + name: argocd-redis-ha-configmap +--- +# Source: argocd/charts/argo-cd/charts/redis-ha/templates/tests/test-redis-ha-pod.yaml +apiVersion: v1 +kind: Pod +metadata: + name: argocd-redis-ha-service-test + namespace: "argocd" + labels: + app: redis-ha + heritage: "Helm" + release: "argocd" + chart: redis-ha-4.34.11 + annotations: + "helm.sh/hook": test-success +spec: + nodeSelector: + {} + tolerations: + [] + containers: + - name: "argocd-service-test" + image: ecr-public.aws.com/docker/library/redis:8.2.2-alpine + command: + - sh + - -c + - redis-cli -h argocd-redis-ha-haproxy -p 6379 info server + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + restartPolicy: Never +--- +# Source: argocd/charts/argo-cd/templates/redis-secret-init/job.yaml +apiVersion: batch/v1 +kind: Job +metadata: + name: argocd-redis-secret-init + namespace: "argocd" + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-redis-secret-init + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: redis-secret-init + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" +spec: + ttlSecondsAfterFinished: 60 + template: + metadata: + labels: + helm.sh/chart: argo-cd-9.1.5 + app.kubernetes.io/name: argocd-redis-secret-init + app.kubernetes.io/instance: argocd + app.kubernetes.io/component: redis-secret-init + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: argocd + app.kubernetes.io/version: "v3.2.1" + spec: + containers: + - command: + - argocd + - admin + - redis-initial-password + image: quay.io/argoproj/argocd:v3.2.1 + imagePullPolicy: IfNotPresent + name: secret-init + resources: + {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + restartPolicy: OnFailure + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: argocd-redis-secret-init + topologyKey: kubernetes.io/hostname + nodeSelector: + kubernetes.io/os: linux + serviceAccountName: argocd-redis-secret-init diff --git a/clusters/cl01tl/manifests/backrest/backrest.yaml b/clusters/cl01tl/manifests/backrest/backrest.yaml index 0fe876ec9..1e459f5b3 100644 --- a/clusters/cl01tl/manifests/backrest/backrest.yaml +++ b/clusters/cl01tl/manifests/backrest/backrest.yaml @@ -53,27 +53,6 @@ spec: --- kind: PersistentVolumeClaim apiVersion: v1 -metadata: - name: backrest-data - labels: - app.kubernetes.io/instance: backrest - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: backrest - helm.sh/chart: backrest-4.4.0 - annotations: - helm.sh/resource-policy: keep - namespace: backrest -spec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: "10Gi" - storageClassName: "ceph-block" ---- -# Source: backrest/charts/backrest/templates/common.yaml -kind: PersistentVolumeClaim -apiVersion: v1 metadata: name: backrest-config labels: @@ -92,6 +71,27 @@ spec: storage: "1Gi" storageClassName: "ceph-block" --- +# Source: backrest/charts/backrest/templates/common.yaml +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: backrest-data + labels: + app.kubernetes.io/instance: backrest + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: backrest + helm.sh/chart: backrest-4.4.0 + annotations: + helm.sh/resource-policy: keep + namespace: backrest +spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "10Gi" + storageClassName: "ceph-block" +--- # Source: backrest/templates/persistent-volume-claim.yaml apiVersion: v1 kind: PersistentVolumeClaim diff --git a/clusters/cl01tl/manifests/cilium/cilium.yaml b/clusters/cl01tl/manifests/cilium/cilium.yaml index 5cc6557fa..316a1b27a 100644 --- a/clusters/cl01tl/manifests/cilium/cilium.yaml +++ b/clusters/cl01tl/manifests/cilium/cilium.yaml @@ -51,8 +51,8 @@ metadata: name: cilium-ca namespace: kube-system data: - ca.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURGRENDQWZ5Z0F3SUJBZ0lSQUlDK0J4YUhQeG5mNDlQOGlTd3k5a2t3RFFZSktvWklodmNOQVFFTEJRQXcKRkRFU01CQUdBMVVFQXhNSlEybHNhWFZ0SUVOQk1CNFhEVEkxTVRJd016QTBNVFkwTUZvWERUSTRNVEl3TWpBMApNVFkwTUZvd0ZERVNNQkFHQTFVRUF4TUpRMmxzYVhWdElFTkJNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUFzQ0Q4aHdFd2FXRHN4a01vUGN2aFE3VERsSzdBVVM0SDVLLzIvUEJwaWU4RkYxU00KRkgrSGtkc21hNXZxUXl6WDdwd0RmRHpBRHdUUmNJdkxickZqY1BoQTF4MTdmUGVKSXBtZ0xlVWVUT0FWRENaUgpOMUJXaCsrNkJWaElMUWJhUituRUQyT1lZTThKeFk5OExxVjVYTmkyTEs0SGxhQnRIWjdSVFpsZ3JVNDNGSTlICkNzN0tmT0JONjIyVDR3dDFVRTdCNU5qVEZsMnUxUk9WK0hRak51cHNWSlFSYzA3Y294WEhReTAxVE1lb2lnWTkKNnZES0NXM1ZUTnlsZE83NGV4VlhJbUovOW5NZlQyMGJ1c200S09ibGttOEhTQ3RBY1RjOUI2SWUva0YvSzZIdQpUdGx5YWEwa3hCVW5rZTlUVXhoVEVRR0U0UDRha3d5NEgwWWJEd0lEQVFBQm8yRXdYekFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdIUVlEVlIwT0JCWUVGSVBVMFJjZUR0NFVleWYreEplN0JMcnY3TlYvTUEwR0NTcUdTSWIzRFFFQgpDd1VBQTRJQkFRQlBuQ3piK2N0WG04VkRjT3YzVE9oWDZGbzVLSERWUElUOWhrQnhkb1NCNWRmNmNrM0FBVnNjClRIQjEvTTFTRDY1VnpFeFhFdWdkUkxQSjZGTDFzZTM2UjJFSjk3RjhudTV5VTRreEtYb1pmYmZKaFh1WW5hT1AKaXcxbU50V3EwS0t6TGhidHJkY3loaXlUTUFpeWFXTGs4RzRERURTZERPS1paS3ZsMFlpakd2dllpNEVQTXJlVAo3WDEyQzdlcjdCL0hEVlRLbFZVTnRFKzRyR0ZjZTFnLzYwVm9XT0dKckg4S0ozYjVUSC85bWpYemMvbml0TVBGCnFyb3B4aUxXVXdlNWZMTkhkaFI3ZnNkRDd3NWpuV0pFOU9CWFR4TXY3OXlJNVIwd3JOcytSQjA5dXRheUd4b0UKQUFadFdkZkx5TzA4dXhQaWZKenk2OUJUUWw3V3ZkWGcKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= - ca.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBc0NEOGh3RXdhV0RzeGtNb1BjdmhRN1REbEs3QVVTNEg1Sy8yL1BCcGllOEZGMVNNCkZIK0hrZHNtYTV2cVF5elg3cHdEZkR6QUR3VFJjSXZMYnJGamNQaEExeDE3ZlBlSklwbWdMZVVlVE9BVkRDWlIKTjFCV2grKzZCVmhJTFFiYVIrbkVEMk9ZWU04SnhZOThMcVY1WE5pMkxLNEhsYUJ0SFo3UlRabGdyVTQzRkk5SApDczdLZk9CTjYyMlQ0d3QxVUU3QjVOalRGbDJ1MVJPVitIUWpOdXBzVkpRUmMwN2NveFhIUXkwMVRNZW9pZ1k5CjZ2REtDVzNWVE55bGRPNzRleFZYSW1KLzluTWZUMjBidXNtNEtPYmxrbThIU0N0QWNUYzlCNkllL2tGL0s2SHUKVHRseWFhMGt4QlVua2U5VFV4aFRFUUdFNFA0YWt3eTRIMFliRHdJREFRQUJBb0lCQUhBUDdOeHhFejVaSHcxZQplV0lvTUdHRng5TDRCUUVoeW4va3ZiOWRyNmpGWFhYa28yUC9hR0NURVRUeWRQRGN2VjdpQVEyeEVYbjgxTTFKCkJOeWZIT2dwN0FkeWlMbVFQYjY0QkVSdlBRSW9xUHViL1p5MkR2aGF2UDdkbHI2ZlY0N2QyNUwzQ1dLL0dEYU0KL3JRbk1McTBYK1M1cmJXejV2a3JyWHcwRkdEdkRsaUhRdUJHQ1lmbjkvbXAwYUlWYXhsN1BScG1vdHFSdkxCYwpYTnlVbXdhVEIrekRqYStzOFd3VDVoWE9EYWc3YS9XWkxMOGZ0VmZzTE9mcW5HdXlaNVVBblBvL1FiY0x5TGpOCmJlWUg5OVV1a0diakgrZHhJUW94YTFOc2lKSUpoTlVyUVlrSHBIM1IyOXFZVXdUZ0kwaTQ5Z2Y5MFZYLzIzUXcKQVdaOUpIRUNnWUVBNEhQRVYydnorcVg3dXBzdUtpRWVnTkc0M2NTdlZCelh3OG5OSXVhT2ZLUndEdkU4b01NMAo5UlBZdkpLeFFZcEplT2ZPN29RSjBsQ04wSmZuTjEwdVBFOFVOckx2bHYzMmh4cllYYlpxUExTNmZKQUpkQ3g3Cis2RUd6OEV0aHhLZmhXYUJYNTZnSm4rQk1NQ1cwSjZOT3JDS0drc0xOc3BrR3A3aUdXaGY1TzBDZ1lFQXlPSnoKSHpkRDlNWTRyR2E0RjlpeVBqWHVFdGs2c05zZUJRL28vUUQzeWZDbjRRMzFUamEvREJVa2Z0a3MxK2prN3dFVwpUWDgySFJ6L3hDVUJZek1hMm5SNDlJN2JSSHVCRStYbytHVEdQbnVRRjM1MjN0MVo3YXpNaDU3S0xTMTRqZFhmCjkzeGpUaDJ0MEw4SnplTkVMeVlpSUkzQU9LQkp6NEJoaTZGVm5Hc0NnWUVBdytjbk9xcGxnNksxNlBTaXdYQ3cKdi96TW52dVprQSt3bnhtV3ExeVNodVc3VEw5dmpGMTA3bWVKSjJYZHduZWhreDY0ZFdQWGNyS09aTDhBdDBqawpIdzFpZGkrTmdMdGZIaUxuTUR3VDA3Sm1obXZ0WkhHak1VZ2x1dFZBR0lHL3E5NkJFdVZQb09wdTV3OWhVdXJnCkY1YVlvMFJXb0ZiY01vUDBrZnFRb0MwQ2dZQm5yOUtpQXlHVlh4YnpqWlZwNFpTbTNhbERtMUphNU02SzZGcG0KOUsveFVNRW1QZEVuRE1UeGxKd2d5VElIUTVPZTlaMndaSC9tNlFmdkV2YXpZRFoxR1hjeEsrZHJZcUFPU0RaRwp0NlZIclBtRDF1ZStRdHhlL0RrWnExRkpubFhDUitseFVZZmtVeGRiVHEvZDBIZHFLckdrd2VXOGxLZGtiaXhyCktOd0tmd0tCZ0E0Q3RiQVJiK01sNHNUYXNJbHlFOHVidGNXa294RVZoQlowMkpJQXg0dXhtTU5ZdENTdlFQY3kKd2ZtQTRRL1pYelJMaDhXWDVSYXorU003VUdISXcxUWV2ZEROSkp3TS9BRHRNRDJjeURUTDFTQnAxRHc4MFFZagpHMjR2b2pTSTNlTHVwTXZ2MkNBcXJnR21LWStCUWQzd3NKQzNjRE8zNnVOcmgyY3dnaGsrCi0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg== + ca.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURGRENDQWZ5Z0F3SUJBZ0lSQVBtN1dvRjdtdWZhbE1ha2tNdEJZU2d3RFFZSktvWklodmNOQVFFTEJRQXcKRkRFU01CQUdBMVVFQXhNSlEybHNhWFZ0SUVOQk1CNFhEVEkxTVRJd016QTBORGMwTVZvWERUSTRNVEl3TWpBMApORGMwTVZvd0ZERVNNQkFHQTFVRUF4TUpRMmxzYVhWdElFTkJNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUFyMVRDY0tnL2NoQWVIZWtBM1NNc0RmbXQyUEo0OTJuOHhKMEh4dW5Zc21MZSs1ejYKL3Z5bXZ4Z3B3OEJIQVNyWEhtL1JMcXdhU0JRb0RwY2tnRWZyOWZVRUtLdzBqOWFEU0Y0UzRQQVFNcGRyWlkzWgp2Zzg5dFk5OHZ2b2tmSlQ1VFZJQ3JsdHdwMGRPNjFNQVlyRW1VdVl3Y0sxQ2daYURvWEJqc3FYNTB4UlpSQ2wxCk96VjN3QWVyZmRYYmFhTW1pblZsbDZKcmtsaU5BWDNJZy84b1grejUwNlAxOTErT1NZWVNzQnF3c091ZWVTbVEKTitPT3FZall5eVB6Si9ZaUdmYzMrZk9wb3lWcE1KelpoUDRPcW90ZTc3eTdtV2MwT3V3UjdIT1FqZHl0cjNRdwpSRkgvK2NqRk9mMzg3dCtaYmh3S3pLaXBkbjB2azZoWmNIY0kzd0lEQVFBQm8yRXdYekFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdIUVlEVlIwT0JCWUVGRGJuNkQ3S1FXNmU5Sk9id0VicDd4NUV3cWk0TUEwR0NTcUdTSWIzRFFFQgpDd1VBQTRJQkFRQ2F4MTZpcy9sRnU2Tnl2SEFDVHpDNGhkaXY0UmtvWTY5NlhDc1NuS2l6c0NnbzgwYkRzb21MCkl0OW9DOGtTTm14ZVBwWHJGcmZLNHFlZTRNUXBqa2xULzZ1UTBrZzJYbXdUYTNqSHJ1bFNaMFRvTWdLZktmYWgKZzlncXhvQnBPMHVaRWpWODBoeHlqZVVKS1pZSm5wSTY5ZVNhWnREVDVCeGlqbS8xN3pTZERBWWtGYVpoMEJZWgpQd2JCdzBqSnBQRFNFaWt6ZlJUdjgydkdDRVJUdStmcFdQVE40MXNEa2psMDVyelN2Zm5GdzMwNEU1OXNiVUYrCkJod2hqcURzR0dyUXZmaEFnYlpheGJxSW9ocVZwRFB3T2xjTzRDdit0UzRKRm84alVwandMaUt4T3VwN3dkVjcKbmgzWmUrblNhOE9YV3FyK1lCRHpmZzNJS0JLQXhpWEwKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + ca.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb2dJQkFBS0NBUUVBcjFUQ2NLZy9jaEFlSGVrQTNTTXNEZm10MlBKNDkybjh4SjBIeHVuWXNtTGUrNXo2Ci92eW12eGdwdzhCSEFTclhIbS9STHF3YVNCUW9EcGNrZ0VmcjlmVUVLS3cwajlhRFNGNFM0UEFRTXBkclpZM1oKdmc4OXRZOTh2dm9rZkpUNVRWSUNybHR3cDBkTzYxTUFZckVtVXVZd2NLMUNnWmFEb1hCanNxWDUweFJaUkNsMQpPelYzd0FlcmZkWGJhYU1taW5WbGw2SnJrbGlOQVgzSWcvOG9YK3o1MDZQMTkxK09TWVlTc0Jxd3NPdWVlU21RCk4rT09xWWpZeXlQekovWWlHZmMzK2ZPcG95VnBNSnpaaFA0T3FvdGU3N3k3bVdjME91d1I3SE9RamR5dHIzUXcKUkZILytjakZPZjM4N3QrWmJod0t6S2lwZG4wdms2aFpjSGNJM3dJREFRQUJBb0lCQUJneXRZZEE0VWpIeXJCTQpHUzlzREVkOWZ5M2pBU2o4ZXNOVC9OL0tKSHN5UkI0cjQwUlA4RitOWVM1QUdreWg4Z0NrWkJWeDhVcWpaWWZsCitrYXVKblhTdEJrODh5QXE5Z0dGNGtzak5za1V0dURVUEFvTUpuTXBjNGtVRXZjU3hIbVVhUVJSWUhIbDJKR0gKNmhTMDZGb21wT2JZTXNhWjFGN3ltUC91QWxYTVRacmJvbHpyMXR2TXJ0VkE2RDRHaWlLd3Y0YnNleDFzR0VSOAp3K1lOSGxiWlhWMFJOWm5FTGNJV0xoYTJmWWM5TTFma2JGMXpQR0kxV0x6VHVGSzJSeERwNUFvbXEwQzc5cDFJCngvS00vVXJNaHhhWlBLZlM3UEhVYkE3RmVEZVgxZitBTkdXQlhmd2poTVpCR2dPdWo4aUFBcGdSRGkzcEVEbDkKalNvUVd0RUNnWUVBeVRkMVB0NzloczlYeWZCTVlucG0zRktLcGJPcU9zZUx2QmZLMTkwT1phYTI0NjVTYm94dwpod0Q0Qm1wT3o0QTJ1bTdac2swUkJ5QVNEMDJhOGxtR0EvRG9QdUdjTDl2aUxyQU4wUEFsNDY3MzdraEpDbVlBClp3WWp0Mm4rblFqUDc1eGkreGZsemtJMVV1SmsyZWIyNTZWSjVDbHlUWWhiVlIzb2FTWlRUbmNDZ1lFQTN4RWMKeVJFZ0NBdXNOa3NzaWpPQ0l4R25tOTdDODZIZU95eUZja0drMEJWWWZ6R3JydWFtN1JGQXNPbnYzOGhqd2hMNgpzakZkVk9zem9ERUU5enBQelZtZ3BrZVBLaGdlTXN2NWp5Y0g1QjVBaTBGYW93d3ZnUlFHbUVvWFBaWXpLVCtHCmYzb1hzaksxTDZxNk55SFJjZEZ1UzZmVjdJOGtCMk9ycDd0V0t0a0NnWUFldWpGVllJZ214aE1KNjRBK3FhSjcKa3I5SmZwNUlTNkN6SUk4QlYraVM3VnFRZWxac08xWVR4N29ZZ0xONFRJUVBCRTZLUStxTncvLytCa1BiTG9DZwpxWEZONlBZSStQTVpYaGsrQnU1Q1RyM2R6WHdaOG1tdFVlcXlYNlZhSmJaYlNPNTBtYm1tUGNZVzJpdThldURKCmp4d3hrNEs1QkZHdU5kci84N0pWRVFLQmdIU0xtMCtPSy84b0loem4zK2lCQ3ZCSnJCbXJKSTVvTnhVUnFOTk8KYXM3eEtDQ2trZis2c09KUnprdmduaHg4dFdwVHdqblJ3dUs0Vkd2UTBMaGU5Z3pqVkNVc1pDZHBISFlMem1LMQowTkNsNGJFZ1B6dkxCUkxhcEt0eW9udmgrdThGS3I5MXllV255clNSN2VNYVB6VEphR2dNMDU5YUZrZnFFbWg3Clg0VFpBb0dBWjJ2L0Q2U1lkdUdGcFRYcVNlRU9nakliOEU3ZzN2OVVqQTNjSVBMQ2Z4VC95SzZFcGFITFRFcFEKVW5LSGl2MXppV2RFRHBzNnVvQndBVFc2Rit5SWNvM1RaajcvSHAyNENuK3NyeHgyQ2RiNzB4UERkUWJ6cW8rTQpWY2hicHNBS01uRWxDMUlCditTeFArL2wxbEdxWVNIdElNazJscHZMeE1TTWlBOHpSaGM9Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg== --- # Source: cilium/charts/cilium/templates/hubble/tls-helm/relay-client-secret.yaml apiVersion: v1 @@ -62,9 +62,9 @@ metadata: namespace: kube-system type: kubernetes.io/tls data: - ca.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURGRENDQWZ5Z0F3SUJBZ0lSQUlDK0J4YUhQeG5mNDlQOGlTd3k5a2t3RFFZSktvWklodmNOQVFFTEJRQXcKRkRFU01CQUdBMVVFQXhNSlEybHNhWFZ0SUVOQk1CNFhEVEkxTVRJd016QTBNVFkwTUZvWERUSTRNVEl3TWpBMApNVFkwTUZvd0ZERVNNQkFHQTFVRUF4TUpRMmxzYVhWdElFTkJNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUFzQ0Q4aHdFd2FXRHN4a01vUGN2aFE3VERsSzdBVVM0SDVLLzIvUEJwaWU4RkYxU00KRkgrSGtkc21hNXZxUXl6WDdwd0RmRHpBRHdUUmNJdkxickZqY1BoQTF4MTdmUGVKSXBtZ0xlVWVUT0FWRENaUgpOMUJXaCsrNkJWaElMUWJhUituRUQyT1lZTThKeFk5OExxVjVYTmkyTEs0SGxhQnRIWjdSVFpsZ3JVNDNGSTlICkNzN0tmT0JONjIyVDR3dDFVRTdCNU5qVEZsMnUxUk9WK0hRak51cHNWSlFSYzA3Y294WEhReTAxVE1lb2lnWTkKNnZES0NXM1ZUTnlsZE83NGV4VlhJbUovOW5NZlQyMGJ1c200S09ibGttOEhTQ3RBY1RjOUI2SWUva0YvSzZIdQpUdGx5YWEwa3hCVW5rZTlUVXhoVEVRR0U0UDRha3d5NEgwWWJEd0lEQVFBQm8yRXdYekFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdIUVlEVlIwT0JCWUVGSVBVMFJjZUR0NFVleWYreEplN0JMcnY3TlYvTUEwR0NTcUdTSWIzRFFFQgpDd1VBQTRJQkFRQlBuQ3piK2N0WG04VkRjT3YzVE9oWDZGbzVLSERWUElUOWhrQnhkb1NCNWRmNmNrM0FBVnNjClRIQjEvTTFTRDY1VnpFeFhFdWdkUkxQSjZGTDFzZTM2UjJFSjk3RjhudTV5VTRreEtYb1pmYmZKaFh1WW5hT1AKaXcxbU50V3EwS0t6TGhidHJkY3loaXlUTUFpeWFXTGs4RzRERURTZERPS1paS3ZsMFlpakd2dllpNEVQTXJlVAo3WDEyQzdlcjdCL0hEVlRLbFZVTnRFKzRyR0ZjZTFnLzYwVm9XT0dKckg4S0ozYjVUSC85bWpYemMvbml0TVBGCnFyb3B4aUxXVXdlNWZMTkhkaFI3ZnNkRDd3NWpuV0pFOU9CWFR4TXY3OXlJNVIwd3JOcytSQjA5dXRheUd4b0UKQUFadFdkZkx5TzA4dXhQaWZKenk2OUJUUWw3V3ZkWGcKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= - tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURTRENDQWpDZ0F3SUJBZ0lRVGRkUTE3bjJkNFVjWlgvK3JwZXJrVEFOQmdrcWhraUc5dzBCQVFzRkFEQVUKTVJJd0VBWURWUVFERXdsRGFXeHBkVzBnUTBFd0hoY05NalV4TWpBek1EUXhOalF3V2hjTk1qWXhNakF6TURReApOalF3V2pBak1TRXdId1lEVlFRRERCZ3FMbWgxWW1Kc1pTMXlaV3hoZVM1amFXeHBkVzB1YVc4d2dnRWlNQTBHCkNTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFEQnZVQUswR29OSG5tZUFvbUx0eEFUaVljS21FNU8KYWhWOTBlM0JSSWRsbDN5cXg2c3FURDhHS2xTN3B2MFcwd09nMTh3S29uQzRJTXYzc2NqOFcxSFVRV1ByQ0NySwp2a2ZSTE1YV2xwVWtwQXFxWXdndDJ2RVUwSGdkNmNpOU5MUG04ZURwdUVEU2QrZ0UralRadUM5SkVYNk1LdmtFCk5pcjY5Zm9xbGZuZlNmakE0N2liZHR4ZDh3c1ZPeDUvcy91aHRHYTNWZlJxTStiYW5WQ1dKVnpGdCt1bDZWQ1cKcmRYWTRWK1FzK2VJS0pDQlltZnhFV3BpalFvZFdsRTl2SW5sTjk5dmsvejIzVzBEVkcvWGVkWk5sdndYbU11Qgp6dThjUHJCeWhnNlZtS1RxVUQvT2lRdUQ1MDhhaWxyTUFQejJ5L2xzMStxYmpBNDFwTHNnbU5JM0FnTUJBQUdqCmdZWXdnWU13RGdZRFZSMFBBUUgvQkFRREFnV2dNQjBHQTFVZEpRUVdNQlFHQ0NzR0FRVUZCd01CQmdnckJnRUYKQlFjREFqQU1CZ05WSFJNQkFmOEVBakFBTUI4R0ExVWRJd1FZTUJhQUZJUFUwUmNlRHQ0VWV5Zit4SmU3Qkxydgo3TlYvTUNNR0ExVWRFUVFjTUJxQ0dDb3VhSFZpWW14bExYSmxiR0Y1TG1OcGJHbDFiUzVwYnpBTkJna3Foa2lHCjl3MEJBUXNGQUFPQ0FRRUFBWmNxeEVWcER0aFovbEtjaXJSUlVBNVl3MGRic0FNM2pzTmxYWFJ3bXY4VmY2RGQKb1JGWElrMEoxQVRnZ3pxMG9NR1BqTCs1ZEQ5bURSR0U1bmcxOWZsWVVTeUZxMzQ0TW91ZFVPbzE3S3hIZklmbgo3dUUvN2VsbFRuaHhLUTJFbjhPUmhoT0d6NitOU1ZkS0FIMUtZY2NiYVBLUjZKNTFqN2JQMndocEgvd2pJdWRqCk9wSXNvcG04eGVSZVd5KzJnZ0JjUXg0MDlUN0kwbHp4KzZOc0ZrVTdGay9jZC8xRThCR0tWalc1NEx0Q0VJeUkKREFEWVIwOTNmeThBUWk0ZEhkSmFmNE1NYVpPZ0lFeVFlYmo5MlQ1b0lKTmpWQ09rNXZtZFRUbkZPdXhJejhicQpGTDJxTTg2TkoyQ3JrQ0JONUI3T1FROVFRaHdpbkU3ZU9MTEFaUT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K - tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBd2IxQUN0QnFEUjU1bmdLSmk3Y1FFNG1IQ3BoT1Rtb1ZmZEh0d1VTSFpaZDhxc2VyCktrdy9CaXBVdTZiOUZ0TURvTmZNQ3FKd3VDREw5N0hJL0Z0UjFFRmo2d2dxeXI1SDBTekYxcGFWSktRS3FtTUkKTGRyeEZOQjRIZW5JdlRTejV2SGc2YmhBMG5mb0JQbzAyYmd2U1JGK2pDcjVCRFlxK3ZYNktwWDUzMG40d09PNAptM2JjWGZNTEZUc2VmN1A3b2JSbXQxWDBhalBtMnAxUWxpVmN4YmZycGVsUWxxM1YyT0Zma0xQbmlDaVFnV0puCjhSRnFZbzBLSFZwUlBieUo1VGZmYjVQODl0MXRBMVJ2MTNuV1RaYjhGNWpMZ2M3dkhENndjb1lPbFppazZsQS8Kem9rTGcrZFBHb3BhekFEODlzdjViTmZxbTR3T05hUzdJSmpTTndJREFRQUJBb0lCQUdXS3VEOHl2dkxEVDBERwoyYXAxdHlKV1NZWC9EOE8vakNZVzJrTWFsTkJsVm56NEM3a3Vueld2Q0J3V1NMNG11TmNiWTZFTFJJTHRCWnA3Ci92aHRNSFZNRkgrQ0YxT042WHd6dURsaFVTZ1VKbGJwY3NiOTRxOWpHQ0d0ZjMzVFdwc25tUmRHY0FzZnQyYXMKY1BqUHRWRFpyM2J0cXZoUEg3WExLR1FibVF3ekFsdThJbXpNWWZlZktlQ2x6NnU1aThmZGlURS9sQnJ5UWJ6dQp6NGpucHZBNDRzOStOQUhrenFmRTNoS1pKM1F5Z2pSK2FXL1pkUU53ekJwdTlNdTlVTkpUSTluTU5FazZoOWowCmZSVEUyQy9pNUszaDIyY2JYaXNWYkZ1a05DTDBTL3FvUkxvbWxGWktwZnN5M3RXbVdEVEE2cXNpbm9JdUltZloKS0s5bGdXa0NnWUVBMVozZmxzb0dSSEtrYU0rdnZwUXkrdFEwYW1ia3Q2YXgrSkkrbjRFcGQzTjM3V3V5WmxzbwprcmZoSVNaR256SldlZkVBNHRVU201cWFjcGhhaUpvUkNpblJZbDJiNlJaNEFWK1BybmNGMGRqblNQak56WGxXClQ1dWtETWp3WERzZm93eTJ0bjVMWGpvOWlzN0pyQXArc2VYaEdvNEkyVGFNYlN3c2QzQUlrUlVDZ1lFQTZDM0EKaWx4UHNyS0xlY2dLTFJaTUFsbVJURnd1c0F5QmozemJUUWRkdVU0cXhqN3F6VmdrSDlYSVJDUy9lUTFpMTg5Ngo2WndpVHBXVkQ2NWEyMG50dUtqNE5zaENaYjVZWHE3VmFaQ09DU3p0MmsxSm96S0IzcnludXhRNWFMSHpvMUYvCmcvRzRpTlErSDFPdkJOenBkd1hLRXh0KzZpQnJaclh0Q0ZwYXNSc0NnWUFKelIrWUxKYlRCeXVSLzQyQndnMEEKdzBIUWEvNHNpd0o1ZEVSWlR6VFczVDV3YjFPVkxMT1UzOGo5bTJMOEpQUWd6alVMTTFtU09DckQvVWVTSXZlTApMdFlEbkdYdDhQRDZweWJSaTNhQjVXRGZVVU1vSFZ3ZmRQVzIvSFZDMWhlaWhJL1JtY1BkZy9DVThONEIvYzFJClhsTFF4Qm1WMWRIbHBIUTUyck1aN1FLQmdGTDJsa2hhZC9nSXFLSVpndGxka0VkK3JkYTFVZEdDaG9FNVFqdWkKR0RGdzV3UHowMzhRc2NmV1lqdEhUa3Y1Sm9xckR1YU83Z3RhaytzSWlGcTNiZ1NBREVHM0NWTEYwMW54Nnp4UApkUkYrUm5ldENsVVFaU3VzQ2R0bGZLWVdnRktwZW9FeFRKbElEZkt2dW1ob2I5d2g2M1VzYkF0SkRsZWpSbEduCng2UmxBb0dCQUtRSHpFSTdpMEJ5NXE3VFpkTlh5eXllVWZUaGRKRmgyckZuSjVJUFRLVmtIYVNHRnZzR2pyVnoKS1VQd3V0c2pHTlVkVGJSUGVKN29XSTM0VEtTTWxvcHliM3I3L0psMmh3MFRvd2RMSTJHZUJRRkh5LzltRUJoNQpkc3ZONFFKc0Y4ZU1YZEhxcGluVWtONjEvcU9EeWNZT0tEZ0lqUjlacHZORDFZOW1ueUNpCi0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg== + ca.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURGRENDQWZ5Z0F3SUJBZ0lSQVBtN1dvRjdtdWZhbE1ha2tNdEJZU2d3RFFZSktvWklodmNOQVFFTEJRQXcKRkRFU01CQUdBMVVFQXhNSlEybHNhWFZ0SUVOQk1CNFhEVEkxTVRJd016QTBORGMwTVZvWERUSTRNVEl3TWpBMApORGMwTVZvd0ZERVNNQkFHQTFVRUF4TUpRMmxzYVhWdElFTkJNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUFyMVRDY0tnL2NoQWVIZWtBM1NNc0RmbXQyUEo0OTJuOHhKMEh4dW5Zc21MZSs1ejYKL3Z5bXZ4Z3B3OEJIQVNyWEhtL1JMcXdhU0JRb0RwY2tnRWZyOWZVRUtLdzBqOWFEU0Y0UzRQQVFNcGRyWlkzWgp2Zzg5dFk5OHZ2b2tmSlQ1VFZJQ3JsdHdwMGRPNjFNQVlyRW1VdVl3Y0sxQ2daYURvWEJqc3FYNTB4UlpSQ2wxCk96VjN3QWVyZmRYYmFhTW1pblZsbDZKcmtsaU5BWDNJZy84b1grejUwNlAxOTErT1NZWVNzQnF3c091ZWVTbVEKTitPT3FZall5eVB6Si9ZaUdmYzMrZk9wb3lWcE1KelpoUDRPcW90ZTc3eTdtV2MwT3V3UjdIT1FqZHl0cjNRdwpSRkgvK2NqRk9mMzg3dCtaYmh3S3pLaXBkbjB2azZoWmNIY0kzd0lEQVFBQm8yRXdYekFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdIUVlEVlIwT0JCWUVGRGJuNkQ3S1FXNmU5Sk9id0VicDd4NUV3cWk0TUEwR0NTcUdTSWIzRFFFQgpDd1VBQTRJQkFRQ2F4MTZpcy9sRnU2Tnl2SEFDVHpDNGhkaXY0UmtvWTY5NlhDc1NuS2l6c0NnbzgwYkRzb21MCkl0OW9DOGtTTm14ZVBwWHJGcmZLNHFlZTRNUXBqa2xULzZ1UTBrZzJYbXdUYTNqSHJ1bFNaMFRvTWdLZktmYWgKZzlncXhvQnBPMHVaRWpWODBoeHlqZVVKS1pZSm5wSTY5ZVNhWnREVDVCeGlqbS8xN3pTZERBWWtGYVpoMEJZWgpQd2JCdzBqSnBQRFNFaWt6ZlJUdjgydkdDRVJUdStmcFdQVE40MXNEa2psMDVyelN2Zm5GdzMwNEU1OXNiVUYrCkJod2hqcURzR0dyUXZmaEFnYlpheGJxSW9ocVZwRFB3T2xjTzRDdit0UzRKRm84alVwandMaUt4T3VwN3dkVjcKbmgzWmUrblNhOE9YV3FyK1lCRHpmZzNJS0JLQXhpWEwKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURTVENDQWpHZ0F3SUJBZ0lSQVBxWTZFOTMvbU9zb001R1J3bXNZaGN3RFFZSktvWklodmNOQVFFTEJRQXcKRkRFU01CQUdBMVVFQXhNSlEybHNhWFZ0SUVOQk1CNFhEVEkxTVRJd016QTBORGMwTWxvWERUSTJNVEl3TXpBMApORGMwTWxvd0l6RWhNQjhHQTFVRUF3d1lLaTVvZFdKaWJHVXRjbVZzWVhrdVkybHNhWFZ0TG1sdk1JSUJJakFOCkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQStqL1VXNG43Ty9NOC9nNk1aU1BNTUI5M0NoamwKT3l1OUxWbGpXZ3A0WHJqcm9UTnpqbnRlVmhMU0w3TFo2L1VRVkluRmFKS3NTOS8weE1ETEFob1ZsRVNEblB2egoyaGJuSmtCQU1PS25TeWUyQmNLTW1HdmNLc3VHR2M2bmVCbG5kSmpLVzZNS29Ub0laWUxEQTQrRFZUQm9YNmRiCjZXZGZ6WVJ6SzdWOEdmVUFOa3hLZzZ5eUQ3VHFtK2c5N1VFRENQYVNUenk1OUZvTXZXWHdCRWc4bys5b1lHRTIKbXE4cytMQk5BTzZhUE9CeEFPUnVtTEU1b2pIYm43WlBNN1BnaTIvWFVsTVNnTjFMVkQzdFM2aG9EV1hSa0FKTQpQQlZuem9YenRRa2NxYllrdUl6Y3B3TGhycnV6VmdBZEV0N3RCTHdTU3VOd3I3MFZEa0xBeStNenJ3SURBUUFCCm80R0dNSUdETUE0R0ExVWREd0VCL3dRRUF3SUZvREFkQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQVFZSUt3WUIKQlFVSEF3SXdEQVlEVlIwVEFRSC9CQUl3QURBZkJnTlZIU01FR0RBV2dCUTI1K2creWtGdW52U1RtOEJHNmU4ZQpSTUtvdURBakJnTlZIUkVFSERBYWdoZ3FMbWgxWW1Kc1pTMXlaV3hoZVM1amFXeHBkVzB1YVc4d0RRWUpLb1pJCmh2Y05BUUVMQlFBRGdnRUJBS2hoQ1pXTjZURys5VjlLUXBpV2ZyWUJ2NzlrRjg0Y0M1Tnc2M0UrSWQ3RFN6MEcKaHRxbGhCclhXb2lVSkdzYUl4eGVEYlkrektmZXRHRjFRTXZQbFVMOTBZdWV2aXg5SXprVXA0M0tJL3RFTVppcwo2SW5GTlJmV3ltRm5jek1nQ0FkaEpEYzZ6MlFpT1htY1ozT3FYanB0bGFFMTQ0SjFkQy9lbXlONzM2VlRkMnR1Cml2QnFDTktLWHdoSGJEYkNWVThtRE9BcmkwbFU1bTdFdklVZ29vWUJZTUFreE9sK3RYT0dla3ZWTnZKOUlPVTUKM3RERU9QeHNGRUVqWFp0V096RFZEWm16UHZwbThPSGo4YjRHQU10M0NqZDFvWVNuaDZpeWFkUXdkODdiRis2Vgo1MXhSNW1ja1hvU2RQTkRaa1NLTjRHc0p4eXd6d0YwU3pXUnU3Q0k9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBK2ovVVc0bjdPL004L2c2TVpTUE1NQjkzQ2hqbE95dTlMVmxqV2dwNFhyanJvVE56CmpudGVWaExTTDdMWjYvVVFWSW5GYUpLc1M5LzB4TURMQWhvVmxFU0RuUHZ6MmhibkprQkFNT0tuU3llMkJjS00KbUd2Y0tzdUdHYzZuZUJsbmRKaktXNk1Lb1RvSVpZTERBNCtEVlRCb1g2ZGI2V2RmellSeks3VjhHZlVBTmt4SwpnNnl5RDdUcW0rZzk3VUVEQ1BhU1R6eTU5Rm9NdldYd0JFZzhvKzlvWUdFMm1xOHMrTEJOQU82YVBPQnhBT1J1Cm1MRTVvakhibjdaUE03UGdpMi9YVWxNU2dOMUxWRDN0UzZob0RXWFJrQUpNUEJWbnpvWHp0UWtjcWJZa3VJemMKcHdMaHJydXpWZ0FkRXQ3dEJMd1NTdU53cjcwVkRrTEF5K016cndJREFRQUJBb0lCQUUxSkNUeDhFS3NqSStNUwpleW1CTkw1bitVdVZCTGFSZTR0VjMra2U4cTNPVG5jcWZMVzBSQjR4RWRqSlU2UWJ1ejlnalNjT3BVZUprdjV3CnpFR0o3TUF0cUxnQzEveXl0aENLSjBqeHR0anZHcmdNclg4bFVJbW04WE5tN3pHWUp1dExoTE5vVnhBVDdDUHQKam15N0ZjUnBmdEtMelViNE5nNHlxWjhHSFoybUFHT3NkY1hHdnZUTEVMenNWQXVUZGdIQ0lXbzBWZyt3YldKbgpTM3hkenU2QmJjOEQ1TnA5c0RUQS8waThxdm40RXhVR3F0WUxWZ1Y5Vy80ZHNPM2s1dlA4dnpKaGhmbnBKc3lnCmUrb2hZa25pZXlzeUFkdEhZVC95VGpxaHVqNFNQbzhYeDlOcjEwYVlPMkZPWUZjNDdXbVFzUSs3eEhQYVpSOCsKMlkrZ1o0RUNnWUVBL0JIR1VLUzNCcjFudUxESWlFWEJsSlYxNzBEcnd5QndKQUY5SXpDVWhWZXNuTmV0SWJ5QgpWenR3amdVT0FEYnJtQXhlcGlaZ3ZGekhUTEVxcUZ2eThEeCtVb3V3eTBpR3UwMThiZ0twSHZxU0QyWFplOEcxCjV1UUUrSHA4cnZyK3FBMkNyQlN2Ykt3V1dFaHhza1dtWUREZjdvQVV6aHF1QUMyVVhyYkxzcXNDZ1lFQS9pYksKRGtnOHBFdC9IRjIwQ1NJK0M2QzdGUW1XeDJ3RDJZVTF1bDFtUkdYQlV1bzVtUWwwVThrc2VEdXM4eTluYlZTRwptQjhQeDd2Q3hnaTdPSnNydXNVVTVMWUh3MVRpTUtMbEFhNDNsd3ZpMzFYb1M0M2k0dms3WTMwaEhDRVo0ZFpFCllwNDRORGg3cEdTbnNWdkdqbW8rOXhBTzc3RE1ZMGFnVHVCWll3MENnWUFRN1Z5azg3cTZ3Q05qK3JNc3U0cDUKWU9RUGtndURDZjJkM1YrNjZqcy9EUmt4V3lac09vMXcvelBheGFvZ0I1QWdvTXdHV2xOcXNzeExjU1pOTWdlSgpiSGFMTW9oSHpuSUZ4L2xRSmV1WGdmb25BSTd2U1ozZWlIZHcvRUM5TzJ1NGUxZklHSWVEUTdjb2JJeitETUZVCmVsTy9YMmlHUXJKbW5xajFCMDk4aXdLQmdRRDNiMUpXdDFONjdSbXl4ek9wbE5IdFJpMzkzRmtVakgvdS9YY0MKbXo0ZXB5YWhqL0pGb1dQRTB0NWRyRlBFYTBsNXNzcGJQaHFCN2JaQ1VXdmRQNDFDaCsvQWY4eHRDcTR3aGRjSgpYTkU0V0ZVbjlKNTFPSTFGUnpyZnNJcFV0WkZhUXQ1UFdSVUZHbHlkLzNVWUFtNzhaa29wQlZSVlhiNlBoTW84CklNWkYzUUtCZ0c2dkJjZ3c1VktjVmpDdHVnbzV0TXVxamFRV3BTMW1TSTlOekgrTVpiaVdlMUtqeWxGL0RHV0YKQ0FHNkRCemx5YjBjd3R1UDhUbUFlcXlmbkZHaE85aGJGUFRuUGdVcTVzaHREbUJxY09oTzhoQ1ZyRDNRL1BjYgpzblV0UExhUzJDY09jaEk1ZzBTWmtIbEhhNjBuY2g4RzB0azNJSlZNK2k2N0prN2x1d1VMCi0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg== --- # Source: cilium/charts/cilium/templates/hubble/tls-helm/server-secret.yaml apiVersion: v1 @@ -74,9 +74,9 @@ metadata: namespace: kube-system type: kubernetes.io/tls data: - ca.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURGRENDQWZ5Z0F3SUJBZ0lSQUlDK0J4YUhQeG5mNDlQOGlTd3k5a2t3RFFZSktvWklodmNOQVFFTEJRQXcKRkRFU01CQUdBMVVFQXhNSlEybHNhWFZ0SUVOQk1CNFhEVEkxTVRJd016QTBNVFkwTUZvWERUSTRNVEl3TWpBMApNVFkwTUZvd0ZERVNNQkFHQTFVRUF4TUpRMmxzYVhWdElFTkJNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUFzQ0Q4aHdFd2FXRHN4a01vUGN2aFE3VERsSzdBVVM0SDVLLzIvUEJwaWU4RkYxU00KRkgrSGtkc21hNXZxUXl6WDdwd0RmRHpBRHdUUmNJdkxickZqY1BoQTF4MTdmUGVKSXBtZ0xlVWVUT0FWRENaUgpOMUJXaCsrNkJWaElMUWJhUituRUQyT1lZTThKeFk5OExxVjVYTmkyTEs0SGxhQnRIWjdSVFpsZ3JVNDNGSTlICkNzN0tmT0JONjIyVDR3dDFVRTdCNU5qVEZsMnUxUk9WK0hRak51cHNWSlFSYzA3Y294WEhReTAxVE1lb2lnWTkKNnZES0NXM1ZUTnlsZE83NGV4VlhJbUovOW5NZlQyMGJ1c200S09ibGttOEhTQ3RBY1RjOUI2SWUva0YvSzZIdQpUdGx5YWEwa3hCVW5rZTlUVXhoVEVRR0U0UDRha3d5NEgwWWJEd0lEQVFBQm8yRXdYekFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdIUVlEVlIwT0JCWUVGSVBVMFJjZUR0NFVleWYreEplN0JMcnY3TlYvTUEwR0NTcUdTSWIzRFFFQgpDd1VBQTRJQkFRQlBuQ3piK2N0WG04VkRjT3YzVE9oWDZGbzVLSERWUElUOWhrQnhkb1NCNWRmNmNrM0FBVnNjClRIQjEvTTFTRDY1VnpFeFhFdWdkUkxQSjZGTDFzZTM2UjJFSjk3RjhudTV5VTRreEtYb1pmYmZKaFh1WW5hT1AKaXcxbU50V3EwS0t6TGhidHJkY3loaXlUTUFpeWFXTGs4RzRERURTZERPS1paS3ZsMFlpakd2dllpNEVQTXJlVAo3WDEyQzdlcjdCL0hEVlRLbFZVTnRFKzRyR0ZjZTFnLzYwVm9XT0dKckg4S0ozYjVUSC85bWpYemMvbml0TVBGCnFyb3B4aUxXVXdlNWZMTkhkaFI3ZnNkRDd3NWpuV0pFOU9CWFR4TXY3OXlJNVIwd3JOcytSQjA5dXRheUd4b0UKQUFadFdkZkx5TzA4dXhQaWZKenk2OUJUUWw3V3ZkWGcKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= - tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURWekNDQWorZ0F3SUJBZ0lSQUxLcUtsWHVEVDBJUlRPYXY2TmtjQ293RFFZSktvWklodmNOQVFFTEJRQXcKRkRFU01CQUdBMVVFQXhNSlEybHNhWFZ0SUVOQk1CNFhEVEkxTVRJd016QTBNVFkwTUZvWERUSTJNVEl3TXpBMApNVFkwTUZvd0tqRW9NQ1lHQTFVRUF3d2ZLaTVrWldaaGRXeDBMbWgxWW1Kc1pTMW5jbkJqTG1OcGJHbDFiUzVwCmJ6Q0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQVBtVk4rUDBVamgxUnFkcHlqdnAKTEt0b3Z3SXBXQk95T0dJMFJNKytyVzZWU3dLTzEvdUNzTFlTU1NWUHYwamcydkNnMXl5YmcxeVVCUVl3MExjNQo1bzdEeVhsQ2RJbzFSMU92bjc5VUNNdCtvdlhQVStMSlBVd2F0Z1duQUc2K281eE5weDZzVk5uM24rb1RYRHVlCjljZkJ3U3F4a0JMRWVCZ3VsaWJRZU55L1MxWUdtcFVoMmI5QWVvdGV2bHhNOFM2bEM0d3QrTUE1QkhyMGRtOU8KaExMdEttMnVQRkxFV2xYdlY1dTk2bTZicG9WWkl6Z2lQbkdTYnhwRE5KU3h0bjNRQmVHTklWcWNwRll0am1CUQpUb1JTMTFSdTIxYXAzZERwUTMvSlh3dlJUNy8rZ2J4Z3lCRnU5djYwRzRyQUpybE4vdi9XWUJtRm5zUjNueXVsCnVHc0NBd0VBQWFPQmpUQ0JpakFPQmdOVkhROEJBZjhFQkFNQ0JhQXdIUVlEVlIwbEJCWXdGQVlJS3dZQkJRVUgKQXdFR0NDc0dBUVVGQndNQ01Bd0dBMVVkRXdFQi93UUNNQUF3SHdZRFZSMGpCQmd3Rm9BVWc5VFJGeDRPM2hSNwpKLzdFbDdzRXV1L3MxWDh3S2dZRFZSMFJCQ013SVlJZktpNWtaV1poZFd4MExtaDFZbUpzWlMxbmNuQmpMbU5wCmJHbDFiUzVwYnpBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQVNaU3QwcjVXQW43ZGdsK1p5WkNscStZS2RqdkMKeXR6WmpocHpaRXE2cytlN2dtdyszM082RDdGNnphU2RMV0hrMmNCNzc3VUU5YkNkOXN2WXIrRnZqMmFIYWx5MwpTK3RYOXNDUmM4cGhYY1BSMEJLNkhkazRYZW8vdkR6ODdBM090TnhtUzBUMkJIYjAzcEFCeHI5UHpNWmhoOXBxCmVNZnZpWkhvSkhlY01HRG1sVWRhQzFTdHYzeUllN25mbUsxejhlV2pxV0F4V3BPVnRiaHZQUGpER2hUREc4M0QKUjZqQ2ZTbGdxeExIUmQrSmhBUnpJQTNmUTRUZFh2VmtrRWY5Tmt6QjV2VjNTVlpHbkx6Nm11NEkyWmtyNGhEMgpIOTBydUhLbjJyRldZUjBHYWFFVUsyWmpTMGc5anpsMSs4dmRBWkZMY3NBdm1wQ3JvTTlTQXBEVWt3PT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= - tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBK1pVMzQvUlNPSFZHcDJuS08ra3NxMmkvQWlsWUU3STRZalJFejc2dGJwVkxBbzdYCis0S3d0aEpKSlUrL1NPRGE4S0RYTEp1RFhKUUZCakRRdHpubWpzUEplVUowaWpWSFU2K2Z2MVFJeTM2aTljOVQKNHNrOVRCcTJCYWNBYnI2am5FMm5IcXhVMmZlZjZoTmNPNTcxeDhIQktyR1FFc1I0R0M2V0p0QjQzTDlMVmdhYQpsU0hadjBCNmkxNitYRXp4THFVTGpDMzR3RGtFZXZSMmIwNkVzdTBxYmE0OFVzUmFWZTlYbTczcWJwdW1oVmtqCk9DSStjWkp2R2tNMGxMRzJmZEFGNFkwaFdweWtWaTJPWUZCT2hGTFhWRzdiVnFuZDBPbERmOGxmQzlGUHYvNkIKdkdESUVXNzIvclFiaXNBbXVVMysvOVpnR1lXZXhIZWZLNlc0YXdJREFRQUJBb0lCQUJHTGNzMWNmSGNwajFqdgpiOTc4U2o2V2MyNzBkeE9UWUxGT21WTzlSTFhVV3R5SUxCaXJIRDhBVkJJQ1pDRDhaWWVxMXRWMDdTd1IzN1NLCnMvRmRhWjY1bHEwbWhjaTliQkV1OUZ6ZnpHcDVzWHowSVNKOUlRajdpN1lrQWp6R3UvdWQzZFNqS3FmVDUzTHQKLzNyVmR0T2ZCRFE3SFRTa2lRaXlKYTMrMDdBNHdzbzA0ejM5SXovVEFjN0FhNUViS3V3d2ZMNVltczZkU2wxNgpFOVNtZ3lnVWdqVXJBRXJLbWd1eXE1NExRUVNubXE5eDVjVGkyT05uL1M5MFF5SHI5NERkRzZuaDhkQ21HcHBjCmdocmxEaFJPd0hZNEFKTzlhWEtSUWR5eGJxc2xBaWM5Y1paTUNEOE1CU2xzZTM5K0YyOXdsNFBtQ1RCZVlramUKUWJpUUsya0NnWUVBL1BpbGMrRzA0WTlRWEhuM2FZOE1HTzlQcFhGWVErVXh2Wnk1MG1CVU9QaGhpR0V2QWpJdApWUVhBTzVxbUkrSzdGQkdlRW9YVUtaUGF6RmhDOXFuRjMyK1grcUVGSVJuVi9MNlkzRWJLazVmekVIODFpU01jClJJdlN1MmNpSDlQWXFMc0t3dnVDTllEWnBMSEdaZHU4Zk95QUNTazNzV2Vpd0pmMGNFeFg4RjhDZ1lFQS9KSXYKeUQ0b0tkM242ZlYrL0VEWlE5eXRwTm1VUFVNTHF2VlNFc09xSDFwU0tQd21BL1hkUkd2ZldqTkhEMmFPaVE3MApTYmlNeGpsTXNOanM3V1BVczBlSDNZVThEbzUyeWoyT0hPRFZvMGwxa204dERVL1diL3Y2T1UzZTU5V1VPYVlDCmJMSEd0QzNFN211N2w1RkF2SER6SXpXNGtuR3NmSWNPdkhmMFEzVUNnWUJqQ1JEMUNnTGZYMVR0cjA0ZUJFT1AKSzNrNTR1TFVTZEVzVTBRb1NWQVBzYVcxVjU2b3RHNHM0QUIvRlM4LzAwNjhMNTE3ME9yYmtDZlRZaVp0SE0vNwpobHV3WWdONUR2MUlZbkhEb3U5QjB2WDBtbWlpRkozSGRCbi9CZ1JGQTVISmxOaEV0MlFsZ0JrMHNlaGpEaUIvCm83TUlZeHVMbDNBUENDNUpISW84N3dLQmdRQzI5bU04eUtJcHFnR2RQdVROY1dDeVEwTmEzdTcrN2ZtZXozV3oKK0IvZDlIeitDYUswVGNBTEY2WEYzczJFUDRQVGo0eXhkc29yc2toMjk3MnlQaFpRQk9wTU0zOE5BSERYRW41SApOeXdyekVRcVh2VWc1b3Z0dFhoUFdMUzM5c1VZZWNUWjNuS1dCVzNhVlJxZ3NtMVYxUENjdWdiSnR5VC9WSXI5ClJsd2hIUUtCZ1FDenoxUUZaR3RFSGI2blNUVTQ1aTJING9LREsrNjJTUEx3SDhUbEN5S0pUY3UvYm5sazFuRmoKYVJDSHluNHRMVFVHNFVZdmFFRlBINkpsTllLeTYrTmVsMndnNUJQN2UxRXBNS1llajBrY0JTN01PdllSbmxmZQpxbDdJejIrT0dDS2s1eEpTZi9RNnROcXhJYWFjUUVPNytMQ0V3QkZXUkQycDZycUtrVytOYXc9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo= + ca.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURGRENDQWZ5Z0F3SUJBZ0lSQVBtN1dvRjdtdWZhbE1ha2tNdEJZU2d3RFFZSktvWklodmNOQVFFTEJRQXcKRkRFU01CQUdBMVVFQXhNSlEybHNhWFZ0SUVOQk1CNFhEVEkxTVRJd016QTBORGMwTVZvWERUSTRNVEl3TWpBMApORGMwTVZvd0ZERVNNQkFHQTFVRUF4TUpRMmxzYVhWdElFTkJNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUFyMVRDY0tnL2NoQWVIZWtBM1NNc0RmbXQyUEo0OTJuOHhKMEh4dW5Zc21MZSs1ejYKL3Z5bXZ4Z3B3OEJIQVNyWEhtL1JMcXdhU0JRb0RwY2tnRWZyOWZVRUtLdzBqOWFEU0Y0UzRQQVFNcGRyWlkzWgp2Zzg5dFk5OHZ2b2tmSlQ1VFZJQ3JsdHdwMGRPNjFNQVlyRW1VdVl3Y0sxQ2daYURvWEJqc3FYNTB4UlpSQ2wxCk96VjN3QWVyZmRYYmFhTW1pblZsbDZKcmtsaU5BWDNJZy84b1grejUwNlAxOTErT1NZWVNzQnF3c091ZWVTbVEKTitPT3FZall5eVB6Si9ZaUdmYzMrZk9wb3lWcE1KelpoUDRPcW90ZTc3eTdtV2MwT3V3UjdIT1FqZHl0cjNRdwpSRkgvK2NqRk9mMzg3dCtaYmh3S3pLaXBkbjB2azZoWmNIY0kzd0lEQVFBQm8yRXdYekFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdIUVlEVlIwT0JCWUVGRGJuNkQ3S1FXNmU5Sk9id0VicDd4NUV3cWk0TUEwR0NTcUdTSWIzRFFFQgpDd1VBQTRJQkFRQ2F4MTZpcy9sRnU2Tnl2SEFDVHpDNGhkaXY0UmtvWTY5NlhDc1NuS2l6c0NnbzgwYkRzb21MCkl0OW9DOGtTTm14ZVBwWHJGcmZLNHFlZTRNUXBqa2xULzZ1UTBrZzJYbXdUYTNqSHJ1bFNaMFRvTWdLZktmYWgKZzlncXhvQnBPMHVaRWpWODBoeHlqZVVKS1pZSm5wSTY5ZVNhWnREVDVCeGlqbS8xN3pTZERBWWtGYVpoMEJZWgpQd2JCdzBqSnBQRFNFaWt6ZlJUdjgydkdDRVJUdStmcFdQVE40MXNEa2psMDVyelN2Zm5GdzMwNEU1OXNiVUYrCkJod2hqcURzR0dyUXZmaEFnYlpheGJxSW9ocVZwRFB3T2xjTzRDdit0UzRKRm84alVwandMaUt4T3VwN3dkVjcKbmgzWmUrblNhOE9YV3FyK1lCRHpmZzNJS0JLQXhpWEwKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURWakNDQWo2Z0F3SUJBZ0lRRzlBcDJRSWtZREZBVFBVL3NTS3V1REFOQmdrcWhraUc5dzBCQVFzRkFEQVUKTVJJd0VBWURWUVFERXdsRGFXeHBkVzBnUTBFd0hoY05NalV4TWpBek1EUTBOelF5V2hjTk1qWXhNakF6TURRMApOelF5V2pBcU1TZ3dKZ1lEVlFRRERCOHFMbVJsWm1GMWJIUXVhSFZpWW14bExXZHljR011WTJsc2FYVnRMbWx2Ck1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBb1Y2RkFzWEtiNjcxbGh1bENHeG0KZEhvWFFmNFhSa0R5NUJUMFgybmpUWVE1S2RGL1p4RENsdzF2TFc4VEdHb1E3UG9lSHg0cWhKazBGeUoxQzhHeQo0akdKVDljbXI4Smk2cnRkbHlZOFU1bUpqVnFqZExqVEg2eUozcWZFbCt1RkxaeHdBZ0tpMU9Vd2lRVE91UXR1CmlvUkhPeDE5UkVZemVBL0JWeDNSZTNhRStYZjQ0YUZkZmo3VlZ5bHNvdUZ4YUtJa2FjdnduS0RJUTRtTURwQ1AKL1g5VU9KTjZvazFTNDNtWk1vSFFyL0NpMEZxc2dQTVhUR3NOb0tJZmZTTG9NVTVhbStaRmVLYit1S0lHcW5seQpQcjBZKytXUmRkQ1k3TXNxVWk1bHU3Z2tyU2JqN2lrZ3FvbGp0Y1RqYWRTT0NMTmdJZ091QzlnTzRiQkNzcEp1CldRSURBUUFCbzRHTk1JR0tNQTRHQTFVZER3RUIvd1FFQXdJRm9EQWRCZ05WSFNVRUZqQVVCZ2dyQmdFRkJRY0QKQVFZSUt3WUJCUVVIQXdJd0RBWURWUjBUQVFIL0JBSXdBREFmQmdOVkhTTUVHREFXZ0JRMjUrZyt5a0Z1bnZTVAptOEJHNmU4ZVJNS291REFxQmdOVkhSRUVJekFoZ2g4cUxtUmxabUYxYkhRdWFIVmlZbXhsTFdkeWNHTXVZMmxzCmFYVnRMbWx2TUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFCamxVaS9sTnBwcHhTSG5wd2JsbVlzczdiYmdnT2cKcHU4TCtnM3pya2pUb093TWUzM2wveDFQbnFjT1hMcDFGUnFzaERIVnZmWUo5VnpjSEwrMDh0UnI4UXNVVVJlRApnV1Fwb2piM1JXemlrMVUrK2M5R2RHaHFMTTlFQVFWOTJGdUNndmwxMGhJbmtjTzZBcENlUTdNMzN5Wjd3dTZJCkY1cjYzSWNYRWRRSW4zM1hpWU1SUTI1Wmo1SHdjVG5QSjVMNXhSZ01MMy9QY2N3RU9GeERYa21kTVlnYnBWQ3kKb1hwWUxrM1BvRmZaNFlDY0FHcWw5ZW5IcWx5STVUUGMxaUhhZHREbGVjcTU1VzF3ZS9VR29OMmJPY1QyNGpoTgpMaEZpY0VBaTM4RW1WcE9mdE84V0crVUxIQUt2c0ZVQTNxZGJabEp1S0RVQWNVam9zNnVxODFobQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBb1Y2RkFzWEtiNjcxbGh1bENHeG1kSG9YUWY0WFJrRHk1QlQwWDJualRZUTVLZEYvClp4RENsdzF2TFc4VEdHb1E3UG9lSHg0cWhKazBGeUoxQzhHeTRqR0pUOWNtcjhKaTZydGRseVk4VTVtSmpWcWoKZExqVEg2eUozcWZFbCt1RkxaeHdBZ0tpMU9Vd2lRVE91UXR1aW9SSE94MTlSRVl6ZUEvQlZ4M1JlM2FFK1hmNAo0YUZkZmo3VlZ5bHNvdUZ4YUtJa2FjdnduS0RJUTRtTURwQ1AvWDlVT0pONm9rMVM0M21aTW9IUXIvQ2kwRnFzCmdQTVhUR3NOb0tJZmZTTG9NVTVhbStaRmVLYit1S0lHcW5seVByMFkrK1dSZGRDWTdNc3FVaTVsdTdna3JTYmoKN2lrZ3FvbGp0Y1RqYWRTT0NMTmdJZ091QzlnTzRiQkNzcEp1V1FJREFRQUJBb0lCQVFDY3BpanhIQmo4ZWhlbAo5SWdzdVM1c2Ura0FBeTJNNFpmb21mN3djTlpiZGJRWVNHc3BIamdJY3Q0dWVObE1wZ3B3UWczam4yRWUvNnAxCm10bU01Q2hITkZkYnpqeWIrbFFVRW5jME44WHdVZWdaOUpjZ3hCc1BjR3NXWGo2V1MrZ284dWc0eTE1TzFYNWMKUlBKNDZBUVRLMzRLZ1FJTnVTaFZzTlc3UUJNUGlkL0ZETnFRQ2hOTnhJZHZLVU5IY05PTldVa3FmZUlrVmNRRAo1ZXE0NE95QzIvMkFSZ2ZsRGswaHY0ZUpIdENMWmx2Q0tLNTJ5c1U5Z1orZmN4MFFHbUFsVTQybGJmeXR4OTE5ClRESE11RXZGWWJJb3QxTUVDWFB2c2hlU1hybkJwYW5WUVk5VEZQeVBzZWxxRFY1ZENWMDRTQzdHd3FoblVQelAKMEgrRTEyNEJBb0dCQU1vTlhUSThBcklua3ZjRlE1ZUJSWXowVGFDSkQ2OUlNNGp3eEkrSGhTYm84bE90YjlQMwp5c2NsWEJ2L2s1V3V6UWkzYXJWYVRKWnBiRE9TRTc2M2Z3RkdYZEk4RC8zTjRHNjZBMlZ5SHpEMzhGcVpBeHd5CkZPTVZIaDZzOWpUSWJBMDc1VzlYVFpxWENZc3RtTStMTkNuR0ROMHY5bWJzMzQvRDNwdWxSaHF4QW9HQkFNeDAKWmp2SmNpcnR3dGtiTDZjeEU0MEgxN2RSK0xVbEFuT3M3ZGV3aWxXalFJZlhmNTdVeUw3MVlueFBvcmd2MWpPbApwSjZjZzJZZVlHc25jZXRDN2k2YnpJUFUybkN5RkxGOEhDbW9tRGlQNW1MQ3RpNGtEaWJrcEEwUFdDd3ZRV3djCkJCakhELzhwRHJqQ2FTeTZSSXFQcVg0em1uU1ZRRnpjcElvVEZLZ3BBb0dBRVFHRzhvOXllcVF5RG5CMisrMTUKZVIrbTJQZ3dSY1NCOGVpeDRwSzVka2pzL0hZQWo0cXZtb3RlY1V6Vmt5ZWZRamlOMXEyKy9IbnJEWHdpQlU5VQpkVHNDOG9yem5aMFNZcjl0UWNDVk4zM20wUGxIOWJ1UlhudU1pWEJ0V0l2MTdEYzZYR0N3dTI0eTgyL25DTERpCnR4RmdTODJabzVnVVNQbG5aeHBHQ0VFQ2dZQkhSMDFkQ3A0QzJXRlV6MldOcEU1c25JOVlHZnZiSzB2dmlCcGoKVitqaWNrZk5GQlFxQzRUeERodUh1enUvZXUzeWs0MFF2d0FRV2diRFZMMGloL01Cek05QUpyVUJGUlNoeStNRgpvd0Z1dHJ4Yk1nYlJqMEJmenRaaXR6YkdNTE5lUFdZd1BUWVdmdm5pNytRNjg3VnhtU1ErR3o5OTVZcksxU0dJCkFaN3lBUUtCZ1FDYTMxVG5RQUw3RFNodU95WTc4bVFQNExoWEgzZXlDeVZPZzVJZ1MvYXdBN2lpSkt0MXFUTGIKdHFZeXYzVlhGMm51RUh6L0VvVWhHbXVtQ2N0U0hYQ2JaN1BGcWFWeEUwN3J0aWdGUFJ3UXNIMnFEdWU2bkRVcQpsYmNEMklaVXJ0NzNlZ1l2T2dGWGVKSVhZTWl0YWlQMzJBS2NHSkRkcG1iVjVhR2RUU0dJa3c9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo= --- # Source: cilium/charts/cilium/templates/cilium-configmap.yaml apiVersion: v1 diff --git a/clusters/cl01tl/manifests/harbor/harbor.yaml b/clusters/cl01tl/manifests/harbor/harbor.yaml index 0a38d15ac..deeb44bb5 100644 --- a/clusters/cl01tl/manifests/harbor/harbor.yaml +++ b/clusters/cl01tl/manifests/harbor/harbor.yaml @@ -74,9 +74,9 @@ metadata: app.kubernetes.io/version: "2.14.0" type: Opaque data: - tls.crt: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURRekNDQWl1Z0F3SUJBZ0lSQUtqRVhvTm1MOTYrUE1rbEhGMkdBQXd3RFFZSktvWklodmNOQVFFTEJRQXcKRkRFU01CQUdBMVVFQXhNSmFHRnlZbTl5TFdOaE1CNFhEVEkxTVRJd016QTBNVGt6TlZvWERUSTJNVEl3TXpBMApNVGt6TlZvd0lERWVNQndHQTFVRUF4TVZhR0Z5WW05eUxtRnNaWGhzWldKbGJuTXVibVYwTUlJQklqQU5CZ2txCmhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBeWw2VnlwQllxTGFONFZza2xtWnpnS2o3LzJ6OHE5R1gKNmFJQU9Yd3BERk1DWmpYcHUranBMYjhvYUpydndxNi9Wc2xvRDBzM0dXa2JGckh0ZVZvYUlodFIxSG81eUxOSQpsZkxFWmpDam1SRndPMnFiYnI0cnhxR2lhMFkvSEpXK3Q0NnRyeXF4UWJqbUFCc0dqQkN3dlljQnplMXI3bkF4ClRud0ViL1RYMm1XSlZ6MXN2SXlRN1I2M0ZkSEh2cGtXQ0FVTU1WT3hac1RHdkpSS29rWXBaZEd2bmttMzczQTcKNFZicUd5NkRPc2lpaE9Pc2lFMjNmNkJSellzYjIweEEvSEp1YWFkUCszTjYxeXdEVW9RLzRkaHM2M2owY0Y4ZgpxdW91YnFtZHg4eHhVaTlVSFdNMHAveVpMYk9zb1hPeWJ4a29wUDhlRlJyU1ZyWFVWQUx3T1FJREFRQUJvNEdECk1JR0FNQTRHQTFVZER3RUIvd1FFQXdJRm9EQWRCZ05WSFNVRUZqQVVCZ2dyQmdFRkJRY0RBUVlJS3dZQkJRVUgKQXdJd0RBWURWUjBUQVFIL0JBSXdBREFmQmdOVkhTTUVHREFXZ0JRTUxmOUYvZ3B2OXJaelBKREJ5QXhHY2JaawpVakFnQmdOVkhSRUVHVEFYZ2hWb1lYSmliM0l1WVd4bGVHeGxZbVZ1Y3k1dVpYUXdEUVlKS29aSWh2Y05BUUVMCkJRQURnZ0VCQUhaa2VRTzRuZUZvTitlRkRycHo1WWZmUXRvam91Y294bGlQTHBvNXhtSEU5bWI4OVBDUWc5TUwKbWNXOURYU0JiaER2UDhCQTZzQVpDdUpuRUw4dzVEOXFvS3pMeS95ZzNlNUYxeHFuaXhsdTkwcDYwRFRTRDdJYQpCZWxjVExmNFl5cnVTYXVKZW5TM2RoczAveWRnZkRPSmhaWHViQW9GTDI5Tmc3MTRpblUvcUd0OEFDNlVKNzhsCkZBbTRGUnhSUm5BV2pSMWNXK3hUMDltRFkwekFSNlJYTndOY2JGMjBkZytWeVpiUWo2QkVSQVpaSmRTSEwrcGcKRnBxL2JtMkl4RC9IdlFnYWJ6aE9qRWlMRk5Oc2N4ZHpZMFF0dzcyVWpQRnIzYzFYQ3dOZFVLNW1WczlPeEEwcAozdjc5ZldEekR6cDVDLzRNZSt0NnlBN1lzMzYwTTVnPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==" - tls.key: "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBeWw2VnlwQllxTGFONFZza2xtWnpnS2o3LzJ6OHE5R1g2YUlBT1h3cERGTUNaalhwCnUranBMYjhvYUpydndxNi9Wc2xvRDBzM0dXa2JGckh0ZVZvYUlodFIxSG81eUxOSWxmTEVaakNqbVJGd08ycWIKYnI0cnhxR2lhMFkvSEpXK3Q0NnRyeXF4UWJqbUFCc0dqQkN3dlljQnplMXI3bkF4VG53RWIvVFgybVdKVnoxcwp2SXlRN1I2M0ZkSEh2cGtXQ0FVTU1WT3hac1RHdkpSS29rWXBaZEd2bmttMzczQTc0VmJxR3k2RE9zaWloT09zCmlFMjNmNkJSellzYjIweEEvSEp1YWFkUCszTjYxeXdEVW9RLzRkaHM2M2owY0Y4ZnF1b3VicW1keDh4eFVpOVUKSFdNMHAveVpMYk9zb1hPeWJ4a29wUDhlRlJyU1ZyWFVWQUx3T1FJREFRQUJBb0lCQVFDeU9DSkt4bHlPR0ZkVApBK1Z3M3NFUnFjQmo3aU9IWFlvZm94LzNnRFRXT2JSL056T2szVFdkcUI5NklCak9wdjZ5KzZTODgweVBBRlZ1CjR6dDBCN25FRjdNMUlIOExGWGp6TlYxcGNhUmlCVTJGeGhra3FpMzdQQlhCeTVlQklROVlzRHFkYlVlMXpaUWcKdTZ4RVpkNkF5d2ozeGdPcmRQcTNWOWpBa0N3WWxJaVI5NkZkVFpuaGtvczM4MVJqdXNSRmZCUmdhMkVHK3FkUgpqUmx1bUFTU01Fd1RQbkt3U3dvMmYvWWE3NHo3cUwzRDlpd2U2b2EyRld0eC9mWGNTVGZ5eHJacG8wNnMrbEdOCmNGTTZ4Y3FiMURRRm9CV213cFZjQmxlREtpdmJxWWtnbmI3bWltbXdYZXlkbUNmblpKY2lOSDIzdlFqT2JWcU8KMTIxTkRsYVJBb0dCQVBsVExEMXd0ZEJYVGljTk8rKzc2TlI1M21oRUtDUDI4WXhBNDVvcXZsd2g0aDR0d3BObApvZ3d2MDhGMDg2a3ZrbDZmM09nR0RTTXBZMW9ZNVlJeU1KK0ZxeXBaVUlkMndaN2x6WVdnLzFsUy9RK2VuZXFPClgrRG95cmo2Z2NzZnB6K0dsUCsycENzWXRpTnZsUzdka1FyWDZpSlZQYW5uajBIdjRoWXFwdXB2QW9HQkFNL0oKbHFTMWYxSzJYcFdPMklqZURnN3JHWmQ0SlFqa3JQZG1TcHNvK3VGa2owRVdmbG9TVnkzbEJvMi9sL3JuMDZGLwpvWU50RjQxM3pqY0hsYSt2clRRRGFHVFU4dUJjeFUrYXRXZ0VRM1k1MTU4ZGQxVGRwaktCTk1CV0UwZ3NDSksxCjZNbUQ3Uk95SDFFTjRra3VCQjlvYjJBYVlCbk5aRFUwNlBHbGwwUFhBb0dBVVBMZUpEeVo2MEROVVFTTTl6TU4KVHg4YVJNUU1QRkVLNzd5SnFSNURtK29zWGh3QlZwWGkzUTRTTkhkaVBRWURBZEhwaVRPZHhGTEZ2UlRrUHpkSQpiaUthQmkvbFkzWDlPemZsV0lPREpGODdabnpiVExKWkVzN0NNdml5ZDE2WmtKaURlOXF5eG9OSmI0dms1Y2h1Ck5SVVJJWUNIZXNpQnpLaXp3UHFzSXVVQ2dZRUFnU3JydnBBbENpSGNRbFIrUHZicS9sTWZvWTFLV0hEdkpRd3QKcks2WTVxeEFjVkd1VWdlOHNnY0JQL1N1WVliamhDMTNGZUFuR0FZMTV2ZU1FWjYvcU9uRlo0a0pRbmZwSUVjbwpKZlVnaXNvQ1JDTnBIeFI2VUVNSnE5YldQYk5CMFJITUdCa3VzMk96SEF2cGMxeHJxNnFjTWIyenA5YUtTSmtQCmhjaE9kQmtDZ1lBcWI5bG5rdmNzMEVSTzFCb01PbWxxVzhpYlZzZ1NnYzdYNU9PazlZbVBPdHZQc1ZTVmRvb20KUWtxdFRFTGZwVXA5NUVpNnlIbDRST1l5czVIS1FMQUdnTDJGWFN2RmNKblpiWE1yVFVtVWxvdUhWdUZBVzdHUgpXVWNOelU4bGM0QzNTbUxrdzRUbzJuNzc3UExtZWgxdXAxNHBYTTUyYitpcUl0K2JueFMxRmc9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=" - ca.crt: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURFekNDQWZ1Z0F3SUJBZ0lRWWpoZ0NabTYzMjc3ZnQxZ2dYWG1xREFOQmdrcWhraUc5dzBCQVFzRkFEQVUKTVJJd0VBWURWUVFERXdsb1lYSmliM0l0WTJFd0hoY05NalV4TWpBek1EUXhPVE0wV2hjTk1qWXhNakF6TURReApPVE0wV2pBVU1SSXdFQVlEVlFRREV3bG9ZWEppYjNJdFkyRXdnZ0VpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCCkR3QXdnZ0VLQW9JQkFRRGVPdjV3UmcwVlVrUHNwbTI3RFRqV0RkYmV1NEpxcjFVUVg1ZW1FMVMvUWoyQkpLT2gKUXczM3cySThLRXlXNnlYd0hUem0vOEVIRlIvaTdBQmJLSk1nODBFTXhrUmRWMVFxemRBVzBRdG8wNDVxWVZ0QQpUamNWZnNiNVp6bFR1RmY5djNMZHlmNS9zM2N0Ujl0c29rRldDS1IzMkRBVm5kbU1aV0dYWjVnQ2Z1eU9leG5YCkV1MWVoVmV2a0hVZ1R2Zk5weFp6QUFIbDFkbEtlc0RwODVUNzlqTUN5SXZpWTNOZ3N6MUUwdlJyZmJNZUFiZTMKMnNrSS9neEdRaGdmelBlMnQ2OHJiZGk0c2d0QjlNUWhjY0NMLzRHRk54RStaVXJYOXl5RjAxVlVoazh1SUhKNwp6SldhVEc1M0JoWmdyTnZmUU9xbWNROFRsb2FkL1VVOFY0Wk5BZ01CQUFHallUQmZNQTRHQTFVZER3RUIvd1FFCkF3SUNwREFkQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQVFZSUt3WUJCUVVIQXdJd0R3WURWUjBUQVFIL0JBVXcKQXdFQi96QWRCZ05WSFE0RUZnUVVEQzMvUmY0S2IvYTJjenlRd2NnTVJuRzJaRkl3RFFZSktvWklodmNOQVFFTApCUUFEZ2dFQkFMUHQ3b2ZBQStLc3ZKd29lbUNIVnIwek1hVEd2d2pGY3g0WlJucm8vVTFWbUovNTVseEwwQVlxCndvTzB4cHg1c1FrcXFpTEJXbWZjMGZyZTNOQ1VNUDR0U1JVcThadkV4eklXZ0JJYlNpeGJYQ1VSaXpMb1BXeE8KZ2ptbU5Wa29BMndRLzRlVWVJenVTU09iL3JYNDJPTitrQVVDQngxUnBZU3ZiRGF4T2lqTFZvZUh5UmVoUHBIMQp4K0pDdzVlZHlaWkRQZm4zRDJ4b3dDTVJ3VmRwYlVHMHFVaWNFNUlrcjhEQlV0SVBmckNJSXNGNWpESFJOeXVmCkp3VEMxR3NqdDNSVW5xbWROaUYvazFQQUVBVU81Z2ExcGlIVit5LyszekpiQXZYK3RneDFLSkJVYmJIMTVpS2YKVTUyMk9ZUlh4eDQrQWo0SEl0TlZuc1Bib1dMS0NXMD0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=" + tls.crt: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURRekNDQWl1Z0F3SUJBZ0lSQUxvbStnYkptTndRVE13T0kxem1EU3d3RFFZSktvWklodmNOQVFFTEJRQXcKRkRFU01CQUdBMVVFQXhNSmFHRnlZbTl5TFdOaE1CNFhEVEkxTVRJd016QTBORGswTkZvWERUSTJNVEl3TXpBMApORGswTkZvd0lERWVNQndHQTFVRUF4TVZhR0Z5WW05eUxtRnNaWGhzWldKbGJuTXVibVYwTUlJQklqQU5CZ2txCmhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBclczbWdqTHF3b0xRMldsaU1FcFptWFVSN2hnVWVhYzIKQkJ4RFlDcGJHWStEUVVQK1ZGdkpjU3RhN1pLTnN2c0RKM0ZjVk9zVXVOUVB0aW40d0lYanZ6UFlRQ2ZiNHJraQpueXRnaXg0dDNVM0ZsK2xybjIwZWlITmZoeW44bTVXa2tMZUgwUWVQME80aEcvUWVrWXNkcHRNRElRY2dSbE5XCmR5eVlHSWMyQ3lrL1FwL1lHZDQ4RVdTRWh1YlRQTFU5bjBVUW80ZFJBYjk5dzRiSHAwMlQydk8xYkQ3Z1kzdTUKL0NOQUlPejhMbTBSMmJJYXhZeGpDdkp2L1d0eFhyWUlxU3pPMVB4LzNMYzExWHo2MW12Rms3MHFlN1FEc1EwQgpNTjduTjJFN1pxTHRjMUZoVzZxaWl0QkhRdVpzYXczcTE3Uk5IMnBGbzNYbFZHYm9GRmRCNFFJREFRQUJvNEdECk1JR0FNQTRHQTFVZER3RUIvd1FFQXdJRm9EQWRCZ05WSFNVRUZqQVVCZ2dyQmdFRkJRY0RBUVlJS3dZQkJRVUgKQXdJd0RBWURWUjBUQVFIL0JBSXdBREFmQmdOVkhTTUVHREFXZ0JTNUlJK1hxYXp0OW5oNnhKck9IY1pJMGxERQpiekFnQmdOVkhSRUVHVEFYZ2hWb1lYSmliM0l1WVd4bGVHeGxZbVZ1Y3k1dVpYUXdEUVlKS29aSWh2Y05BUUVMCkJRQURnZ0VCQUN4TzI2R1I2Si9rOUtTN3U1M1U1VjVrVXI0aHR0K1gvYTdzOW8waFlibmo1OFhmRWJYWGd4M0oKN0Q5Z0pxY0NMaEZmV3N2SVZzVHZWbTFhSE9IME45UDQvM1RqamY2VE5ZN2FmcU5EWXFoVEVWLzh4YVNyU2RMWgpMWFJWZ1QrMVhTdmRoY1FTZTVUN1BzRU5LZWlLSzQ0cmlRWDZPQ2h4VDQwSTUwSmhvakFadkZXVUtjVTk0dysrCjF1N1hrMGhMZnpLTWdvem1ZeVBBdERhOE4wYWxWUHBmeFlpcEZYUlJhQTVyWXFQS29JY2tGOVI2aUN0OXQyUUkKMUhLNno3dTlzWmNDL21hdHhqcTlwMVh3b0F0WEV2cUl2c0tZVXA4T084YTdHMmsxLzh4TTAyWkdhamNYVkhETgp5aVgyTTRPb0J3VzhQN3Zock81NGNJcmJ2eUgzRUJRPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==" + tls.key: "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBclczbWdqTHF3b0xRMldsaU1FcFptWFVSN2hnVWVhYzJCQnhEWUNwYkdZK0RRVVArClZGdkpjU3RhN1pLTnN2c0RKM0ZjVk9zVXVOUVB0aW40d0lYanZ6UFlRQ2ZiNHJraW55dGdpeDR0M1UzRmwrbHIKbjIwZWlITmZoeW44bTVXa2tMZUgwUWVQME80aEcvUWVrWXNkcHRNRElRY2dSbE5XZHl5WUdJYzJDeWsvUXAvWQpHZDQ4RVdTRWh1YlRQTFU5bjBVUW80ZFJBYjk5dzRiSHAwMlQydk8xYkQ3Z1kzdTUvQ05BSU96OExtMFIyYklhCnhZeGpDdkp2L1d0eFhyWUlxU3pPMVB4LzNMYzExWHo2MW12Rms3MHFlN1FEc1EwQk1ON25OMkU3WnFMdGMxRmgKVzZxaWl0QkhRdVpzYXczcTE3Uk5IMnBGbzNYbFZHYm9GRmRCNFFJREFRQUJBb0lCQUhnOU1zeGYrczBpbnlPcwo0YXR6VU0ySkVnWk40Wnc2WnNQUXlKR2FyQkI3cEZlU2lYajVMaDl0SEp5THQvdzM5WWJhSEZhdnFXMC9jU2t0CnprM0VSaE1oSWJQUkxxenhDR1RzVVFJQ3lXK2VaUGtlbDBRd0JqUTZNU2ZuMzBBTExzNDZ3RW9YQVFtc24zM2UKOFhhY3lkRUlpU25UNC9kOS9mdWdDazh2SnpQeW44REw0czJ3TXEyT3ZPRDFFQmY5OUJmQzd4ZDlwU0hFcUtnSApNNVRnV0NqaUc4L0pZalUxeW5wMDdGcGRzWUdvVFpENUIrbFBjQkIreHZyWVlLUWdIT2o3ajN4OVBZNlE2djZLCkRjSlExbkRDM282R2VWMExnejY3M2I0QkQ1Yy9jSWZyajlVcE1wSDY4Qm94K0lIVndOSUxuNXRobjZZQTBLOFMKNXNqNHNQVUNnWUVBMFpHOWNrajQwR2IxbDZ3MHZLbEx0bTdES3FuRmNLTDVJWFVoVjBML0VGYm0zUDhMMlZqVQp6OEZvVUJRSTNCa25CZHNoUlFrWDU2SSswM0RVTXpHK3hjZExrdTVJTjZVemp3K0wyZy9Yc1Mycnlia0QzQ04wCmtaQjREMGFpd1NHRmFXV2cwMGZFZlJraml2d0UwUEhPMVAzYnNIUmVoT2dPL2JkWWo3WDlOU2NDZ1lFQTA5cGoKUWxuc3lFbU9sTWhYQUF6U29oVS94c2hOVVpxQkFHRjhVbFZEaktjMktDcnBnMGg0WGY1UURZYlhzbklhZGFscgpNd045SEl2NDhXaFppbEFrTXdFMEE2ZXFQSEZJejRSWlBCRElaUFZaVFZOMVF0ZVZpZGRMZkthTjZjN1pJU1M5CkVlUU1QQnY4dzBlSFh6N1JqYVZiRFB4QzRLRVRsU3RUc1FBZmhiY0NnWUVBdE5kSG5Gd2Q0WEJIVTVlMWRtdTgKdXZOL2xNd2xaVm90RTFNSTcwMFAzeUN1WFZ2MDlKdzBJQWNzcFpWMFE4R3NxOS81S0tKOUwxUVJWTklUT3c0ZApLbndjMmZDbS91V2V4VC9NRmVMLzVKT2RueGY1bmJnMnVmbnBzSHpxcXkvcStSVktuNmRaaGYzd2J0bWtxazFQCmh2cDgzaHE5Q1lGYWxsUGxweldMQjVjQ2dZQjBTNFlCZm12RTV0d21RSFBCeTBnMVFZVHBFanVmZURrb2hGdEMKdHh1RnNxVEFHQTVueXZpSVlIcUJjbXdsd1ExVldkTkhCYnRBV0hZbnp5aVlETFpTYVc2c012WDRpQmQ0RXljSgpHZzFubm1lUFV5a2pzRVNlamxrWjdEUXJEU21VVUI2YUc1Mjd3WUZYa1lSMmZIMThUREZYUjROTzNCMXIzWVRyCnZTMlFzUUtCZ1FDbTNrZE16UkhXa0NPamxla3RacjhwNkl1N3lWaFFSOVl3dmVkYnVkcUlyZzlEN3RGZ25ERHkKVGFDbEhua2ZaWHhCVnVBWGJ2aC9LOG9sRU9OUDZJN1VXVDNSOVlQWDlHellVR01ja21nMmFMTWxBdGgwVW0vVgovUUNHWVpuTkcreHZSQXhibEFQd2J5clBXMHR3cFl4NldsdWd3NDRIUkFlTWNxQ2V6TVhlV3c9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=" + ca.crt: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURGRENDQWZ5Z0F3SUJBZ0lSQUxNWmtIdFZhckhrTE9KOHpqMG9YM1V3RFFZSktvWklodmNOQVFFTEJRQXcKRkRFU01CQUdBMVVFQXhNSmFHRnlZbTl5TFdOaE1CNFhEVEkxTVRJd016QTBORGswTkZvWERUSTJNVEl3TXpBMApORGswTkZvd0ZERVNNQkFHQTFVRUF4TUphR0Z5WW05eUxXTmhNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DCkFROEFNSUlCQ2dLQ0FRRUEwTm9objlNUEM4c09LOHArc25hci82d0xZeEphT0pPNmwrVERVNG83UGtKaGVYNmUKdVZOWC8wc1BYdGZXTHJRbTlidGZHZXMxc2dTT1NVWTF4aTFWVUdxOUtyUXhidFo4dkZTYmxmQ25zbUQrNGRncApaNkxQUUNCNXY3bDZSQmlUQWlEVmYyS2VzRE5Xc3V0eS9LVjVYMUZ0TlN3Z2xPamdRR3R3Q3VRcTFqbk1YRWl3ClR4dDlrRTUyOXpOVmtlandzSmxVMzJvOFJwSXlka3MzMlI0S0psYjhrazVkQkVGTHB0akg1eDBkOTVWU0dKKzEKaUtJRDM0dUwxbStoNkN4Y3RRSTJZeE5lL0pYOFg2d3lrL21QNUlrdDBEb25BSVVzVHlWNzN4UGhuL3FoZzA1ZQpyRjl4eWJ3dTBoUzFhZW1IeEJsOWJoaVo2M3pkeUFJZmRBRG82d0lEQVFBQm8yRXdYekFPQmdOVkhROEJBZjhFCkJBTUNBcVF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUYKTUFNQkFmOHdIUVlEVlIwT0JCWUVGTGtnajVlcHJPMzJlSHJFbXM0ZHhralNVTVJ2TUEwR0NTcUdTSWIzRFFFQgpDd1VBQTRJQkFRRER6L1AyRXlEenhqbDdLNjd1Wm5xeDQ2R1VtMWw3Z2xSOEtSV1IwczNhOHMweEVTb0VQNDJXClFhbEc5blBnaWtJNWJKeVlwNWU3ZjlvajQvb2t5SC9Kbi9QTnF0OHNCaWZNdXdTanU5ZXUzZW5ad1R6RkpaajQKMUMwdWc4RXI2ZndlaGNiNVR2ZmRVckVNRTlncTBqYi9ySUZwQWRaK21waUliVDVGQzlCSjZGZkY1cVNFckZBZQo4ZENNemZPRS9zcm5FMzhYdmIzSGhTSTk5cFlxckdZY2lFMm9WL1BDMWgvR3JVYU5HWHRXdmszR2xvZ2R0QllaCmZ1aVlzdlZOOGRZWkp3NTFHcUZOR05SVlFHZ1pGWDF0MmV6T3NQV1pwbXRyQ2Zta3ZQaWN1K1AvYko0cjA4eHMKSXlVeEpYZEREb3o2SFBVOTVTSmVCWW9TK1V0VzYxTmMKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=" --- # Source: harbor/charts/harbor/templates/registry/registry-secret.yaml apiVersion: v1 @@ -1268,7 +1268,7 @@ spec: app.kubernetes.io/component: nginx annotations: checksum/configmap: 55921b41f4478ded4d60da7edb83b828382ba722214816271ce3ffd2a77aed35 - checksum/secret: 8567ed7b0e04c9535c71cacd4b23a5ff4b7008574092ec4cf65e33bfd9e0b17a + checksum/secret: d7cbfaf80e2422e5607f47c317a6822352928575c7033776779eeb4a488eedf0 spec: securityContext: runAsUser: 10000 diff --git a/clusters/cl01tl/manifests/komodo/komodo.yaml b/clusters/cl01tl/manifests/komodo/komodo.yaml index 8200575bc..d888bc781 100644 --- a/clusters/cl01tl/manifests/komodo/komodo.yaml +++ b/clusters/cl01tl/manifests/komodo/komodo.yaml @@ -109,57 +109,6 @@ spec: # Source: komodo/charts/komodo/templates/common.yaml apiVersion: apps/v1 kind: Deployment -metadata: - name: komodo-ferretdb-2 - labels: - app.kubernetes.io/controller: ferretdb-2 - app.kubernetes.io/instance: komodo - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: komodo - helm.sh/chart: komodo-4.4.0 - namespace: komodo -spec: - revisionHistoryLimit: 3 - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app.kubernetes.io/controller: ferretdb-2 - app.kubernetes.io/name: komodo - app.kubernetes.io/instance: komodo - template: - metadata: - labels: - app.kubernetes.io/controller: ferretdb-2 - app.kubernetes.io/instance: komodo - app.kubernetes.io/name: komodo - spec: - enableServiceLinks: false - serviceAccountName: default - automountServiceAccountToken: true - hostIPC: false - hostNetwork: false - hostPID: false - dnsPolicy: ClusterFirst - containers: - - env: - - name: FERRETDB_POSTGRESQL_URL - valueFrom: - secretKeyRef: - key: uri - name: komodo-postgresql-17-fdb-cluster-app - image: ghcr.io/ferretdb/ferretdb:2.7.0 - imagePullPolicy: IfNotPresent - name: main - resources: - requests: - cpu: 10m - memory: 128Mi ---- -# Source: komodo/charts/komodo/templates/common.yaml -apiVersion: apps/v1 -kind: Deployment metadata: name: komodo-main labels: @@ -285,6 +234,57 @@ spec: persistentVolumeClaim: claimName: komodo-syncs --- +# Source: komodo/charts/komodo/templates/common.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: komodo-ferretdb-2 + labels: + app.kubernetes.io/controller: ferretdb-2 + app.kubernetes.io/instance: komodo + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: komodo + helm.sh/chart: komodo-4.4.0 + namespace: komodo +spec: + revisionHistoryLimit: 3 + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/controller: ferretdb-2 + app.kubernetes.io/name: komodo + app.kubernetes.io/instance: komodo + template: + metadata: + labels: + app.kubernetes.io/controller: ferretdb-2 + app.kubernetes.io/instance: komodo + app.kubernetes.io/name: komodo + spec: + enableServiceLinks: false + serviceAccountName: default + automountServiceAccountToken: true + hostIPC: false + hostNetwork: false + hostPID: false + dnsPolicy: ClusterFirst + containers: + - env: + - name: FERRETDB_POSTGRESQL_URL + valueFrom: + secretKeyRef: + key: uri + name: komodo-postgresql-17-fdb-cluster-app + image: ghcr.io/ferretdb/ferretdb:2.7.0 + imagePullPolicy: IfNotPresent + name: main + resources: + requests: + cpu: 10m + memory: 128Mi +--- # Source: komodo/charts/postgresql-17-fdb-cluster/templates/cluster.yaml apiVersion: postgresql.cnpg.io/v1 kind: Cluster diff --git a/clusters/cl01tl/manifests/matrix-synapse/matrix-synapse.yaml b/clusters/cl01tl/manifests/matrix-synapse/matrix-synapse.yaml index 1a9274a33..285893c42 100644 --- a/clusters/cl01tl/manifests/matrix-synapse/matrix-synapse.yaml +++ b/clusters/cl01tl/manifests/matrix-synapse/matrix-synapse.yaml @@ -14,7 +14,7 @@ stringData: config.yaml: | ## Registration ## - registration_shared_secret: "o61stwMR2ytdK3w9CtrjQJos" + registration_shared_secret: "arSpBc1NIUWBdw0B1l5gBZns" ## API Configuration ## @@ -552,7 +552,7 @@ spec: metadata: annotations: checksum/config: e77b3b25301ed2f4b5eac2f16ed5d058374ed1ffcd7e9ca4d8eef44867647feb - checksum/secrets: 1379c893132491c2215656107a91e3edd3059f6e46bf6d81fc706e81ff9f7454 + checksum/secrets: baa114801e675282534274953a14345f1154ca25fc468388e78788b4c5e4b2b2 labels: app.kubernetes.io/name: matrix-synapse app.kubernetes.io/instance: matrix-synapse diff --git a/clusters/cl01tl/manifests/qbittorrent/qbittorrent.yaml b/clusters/cl01tl/manifests/qbittorrent/qbittorrent.yaml index 7ff990a3e..b327ebd7d 100644 --- a/clusters/cl01tl/manifests/qbittorrent/qbittorrent.yaml +++ b/clusters/cl01tl/manifests/qbittorrent/qbittorrent.yaml @@ -254,27 +254,6 @@ spec: --- kind: PersistentVolumeClaim apiVersion: v1 -metadata: - name: qbittorrent-theme-data - labels: - app.kubernetes.io/instance: qbittorrent - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: qbittorrent - helm.sh/chart: qbittorrent-4.4.0 - annotations: - helm.sh/resource-policy: keep - namespace: qbittorrent -spec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: "1Gi" - storageClassName: "ceph-block" ---- -# Source: qbittorrent/charts/qbittorrent/templates/common.yaml -kind: PersistentVolumeClaim -apiVersion: v1 metadata: name: qbittorrent-qbit-manage-config-data labels: @@ -314,6 +293,27 @@ spec: storage: "1Gi" storageClassName: "ceph-block" --- +# Source: qbittorrent/charts/qbittorrent/templates/common.yaml +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: qbittorrent-theme-data + labels: + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent + helm.sh/chart: qbittorrent-4.4.0 + annotations: + helm.sh/resource-policy: keep + namespace: qbittorrent +spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "1Gi" + storageClassName: "ceph-block" +--- # Source: qbittorrent/templates/persistent-volume-claim.yaml apiVersion: v1 kind: PersistentVolumeClaim @@ -355,6 +355,38 @@ spec: # Source: qbittorrent/charts/qbittorrent/templates/common.yaml apiVersion: v1 kind: Service +metadata: + name: qbittorrent + labels: + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent + app.kubernetes.io/service: qbittorrent + helm.sh/chart: qbittorrent-4.4.0 + namespace: qbittorrent +spec: + type: ClusterIP + ports: + - port: 9999 + targetPort: 9999 + protocol: TCP + name: health + - port: 8080 + targetPort: 8080 + protocol: TCP + name: http + - port: 9022 + targetPort: 9022 + protocol: TCP + name: metrics + selector: + app.kubernetes.io/controller: main + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/name: qbittorrent +--- +# Source: qbittorrent/charts/qbittorrent/templates/common.yaml +apiVersion: v1 +kind: Service metadata: name: qbittorrent-qbit-manage labels: @@ -405,115 +437,6 @@ spec: app.kubernetes.io/name: qbittorrent --- # Source: qbittorrent/charts/qbittorrent/templates/common.yaml -apiVersion: v1 -kind: Service -metadata: - name: qbittorrent - labels: - app.kubernetes.io/instance: qbittorrent - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: qbittorrent - app.kubernetes.io/service: qbittorrent - helm.sh/chart: qbittorrent-4.4.0 - namespace: qbittorrent -spec: - type: ClusterIP - ports: - - port: 9999 - targetPort: 9999 - protocol: TCP - name: health - - port: 8080 - targetPort: 8080 - protocol: TCP - name: http - - port: 9022 - targetPort: 9022 - protocol: TCP - name: metrics - selector: - app.kubernetes.io/controller: main - app.kubernetes.io/instance: qbittorrent - app.kubernetes.io/name: qbittorrent ---- -# Source: qbittorrent/charts/qbittorrent/templates/common.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: qbittorrent-qui - labels: - app.kubernetes.io/controller: qui - app.kubernetes.io/instance: qbittorrent - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: qbittorrent - helm.sh/chart: qbittorrent-4.4.0 - namespace: qbittorrent -spec: - revisionHistoryLimit: 3 - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app.kubernetes.io/controller: qui - app.kubernetes.io/name: qbittorrent - app.kubernetes.io/instance: qbittorrent - template: - metadata: - labels: - app.kubernetes.io/controller: qui - app.kubernetes.io/instance: qbittorrent - app.kubernetes.io/name: qbittorrent - spec: - enableServiceLinks: false - serviceAccountName: default - automountServiceAccountToken: true - hostIPC: false - hostNetwork: false - hostPID: false - dnsPolicy: ClusterFirst - containers: - - env: - - name: QUI__METRICS_ENABLED - value: "true" - - name: QUI__METRICS_HOST - value: 0.0.0.0 - - name: QUI__METRICS_PORT - value: "9074" - - name: QUI__OIDC_ENABLED - value: "true" - - name: QUI__OIDC_ISSUER - value: https://auth.alexlebens.dev/application/o/qui/ - - name: QUI__OIDC_CLIENT_ID - valueFrom: - secretKeyRef: - key: client - name: qui-oidc-secret - - name: QUI__OIDC_CLIENT_SECRET - valueFrom: - secretKeyRef: - key: secret - name: qui-oidc-secret - - name: QUI__OIDC_REDIRECT_URL - value: https://qui.alexlebens.net/api/auth/oidc/callback - - name: QUI__OIDC_DISABLE_BUILT_IN_LOGIN - value: "false" - image: ghcr.io/autobrr/qui:v1.7.0 - imagePullPolicy: IfNotPresent - name: qui - resources: - requests: - cpu: 10m - memory: 128Mi - volumeMounts: - - mountPath: /config - name: qui-config-data - volumes: - - name: qui-config-data - persistentVolumeClaim: - claimName: qbittorrent-qui-config-data ---- -# Source: qbittorrent/charts/qbittorrent/templates/common.yaml apiVersion: apps/v1 kind: Deployment metadata: @@ -806,6 +729,83 @@ spec: persistentVolumeClaim: claimName: qbittorrent-nfs-storage --- +# Source: qbittorrent/charts/qbittorrent/templates/common.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: qbittorrent-qui + labels: + app.kubernetes.io/controller: qui + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: qbittorrent + helm.sh/chart: qbittorrent-4.4.0 + namespace: qbittorrent +spec: + revisionHistoryLimit: 3 + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/controller: qui + app.kubernetes.io/name: qbittorrent + app.kubernetes.io/instance: qbittorrent + template: + metadata: + labels: + app.kubernetes.io/controller: qui + app.kubernetes.io/instance: qbittorrent + app.kubernetes.io/name: qbittorrent + spec: + enableServiceLinks: false + serviceAccountName: default + automountServiceAccountToken: true + hostIPC: false + hostNetwork: false + hostPID: false + dnsPolicy: ClusterFirst + containers: + - env: + - name: QUI__METRICS_ENABLED + value: "true" + - name: QUI__METRICS_HOST + value: 0.0.0.0 + - name: QUI__METRICS_PORT + value: "9074" + - name: QUI__OIDC_ENABLED + value: "true" + - name: QUI__OIDC_ISSUER + value: https://auth.alexlebens.dev/application/o/qui/ + - name: QUI__OIDC_CLIENT_ID + valueFrom: + secretKeyRef: + key: client + name: qui-oidc-secret + - name: QUI__OIDC_CLIENT_SECRET + valueFrom: + secretKeyRef: + key: secret + name: qui-oidc-secret + - name: QUI__OIDC_REDIRECT_URL + value: https://qui.alexlebens.net/api/auth/oidc/callback + - name: QUI__OIDC_DISABLE_BUILT_IN_LOGIN + value: "false" + image: ghcr.io/autobrr/qui:v1.7.0 + imagePullPolicy: IfNotPresent + name: qui + resources: + requests: + cpu: 10m + memory: 128Mi + volumeMounts: + - mountPath: /config + name: qui-config-data + volumes: + - name: qui-config-data + persistentVolumeClaim: + claimName: qbittorrent-qui-config-data +--- # Source: qbittorrent/templates/external-secret.yaml apiVersion: external-secrets.io/v1 kind: ExternalSecret diff --git a/clusters/cl01tl/manifests/s3-exporter/s3-exporter.yaml b/clusters/cl01tl/manifests/s3-exporter/s3-exporter.yaml index 32704ebec..111adf1d7 100644 --- a/clusters/cl01tl/manifests/s3-exporter/s3-exporter.yaml +++ b/clusters/cl01tl/manifests/s3-exporter/s3-exporter.yaml @@ -99,138 +99,6 @@ spec: --- apiVersion: apps/v1 kind: Deployment -metadata: - name: s3-exporter-garage-local - labels: - app.kubernetes.io/controller: garage-local - app.kubernetes.io/instance: s3-exporter - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: s3-exporter - helm.sh/chart: s3-exporter-4.4.0 - namespace: s3-exporter -spec: - revisionHistoryLimit: 3 - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app.kubernetes.io/controller: garage-local - app.kubernetes.io/name: s3-exporter - app.kubernetes.io/instance: s3-exporter - template: - metadata: - labels: - app.kubernetes.io/controller: garage-local - app.kubernetes.io/instance: s3-exporter - app.kubernetes.io/name: s3-exporter - spec: - enableServiceLinks: false - serviceAccountName: default - automountServiceAccountToken: true - hostIPC: false - hostNetwork: false - hostPID: false - dnsPolicy: ClusterFirst - containers: - - env: - - name: S3_NAME - value: garage-local - - name: S3_ENDPOINT - value: http://garage-main.garage:3900 - - name: S3_ACCESS_KEY - valueFrom: - secretKeyRef: - key: AWS_ACCESS_KEY_ID - name: s3-garage-secret - - name: S3_SECRET_KEY - valueFrom: - secretKeyRef: - key: AWS_SECRET_ACCESS_KEY - name: s3-garage-secret - - name: S3_REGION - value: us-east-1 - - name: LOG_LEVEL - value: debug - - name: S3_FORCE_PATH_STYLE - value: "true" - image: molu8bits/s3bucket_exporter:1.0.2 - imagePullPolicy: IfNotPresent - name: main - resources: - requests: - cpu: 10m - memory: 64Mi ---- -# Source: s3-exporter/charts/s3-exporter/templates/common.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: s3-exporter-garage-remote - labels: - app.kubernetes.io/controller: garage-remote - app.kubernetes.io/instance: s3-exporter - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: s3-exporter - helm.sh/chart: s3-exporter-4.4.0 - namespace: s3-exporter -spec: - revisionHistoryLimit: 3 - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app.kubernetes.io/controller: garage-remote - app.kubernetes.io/name: s3-exporter - app.kubernetes.io/instance: s3-exporter - template: - metadata: - labels: - app.kubernetes.io/controller: garage-remote - app.kubernetes.io/instance: s3-exporter - app.kubernetes.io/name: s3-exporter - spec: - enableServiceLinks: false - serviceAccountName: default - automountServiceAccountToken: true - hostIPC: false - hostNetwork: false - hostPID: false - dnsPolicy: ClusterFirst - containers: - - env: - - name: S3_NAME - value: garage-remote - - name: S3_ENDPOINT - value: https://garage-ps10rp.boreal-beaufort.ts.net:3900 - - name: S3_ACCESS_KEY - valueFrom: - secretKeyRef: - key: AWS_ACCESS_KEY_ID - name: s3-garage-secret - - name: S3_SECRET_KEY - valueFrom: - secretKeyRef: - key: AWS_SECRET_ACCESS_KEY - name: s3-garage-secret - - name: S3_REGION - value: us-east-1 - - name: LOG_LEVEL - value: debug - - name: S3_FORCE_PATH_STYLE - value: "true" - image: molu8bits/s3bucket_exporter:1.0.2 - imagePullPolicy: IfNotPresent - name: main - resources: - requests: - cpu: 10m - memory: 64Mi ---- -# Source: s3-exporter/charts/s3-exporter/templates/common.yaml -apiVersion: apps/v1 -kind: Deployment metadata: name: s3-exporter-ceph-directus labels: @@ -366,6 +234,138 @@ spec: cpu: 10m memory: 64Mi --- +# Source: s3-exporter/charts/s3-exporter/templates/common.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: s3-exporter-garage-local + labels: + app.kubernetes.io/controller: garage-local + app.kubernetes.io/instance: s3-exporter + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: s3-exporter + helm.sh/chart: s3-exporter-4.4.0 + namespace: s3-exporter +spec: + revisionHistoryLimit: 3 + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/controller: garage-local + app.kubernetes.io/name: s3-exporter + app.kubernetes.io/instance: s3-exporter + template: + metadata: + labels: + app.kubernetes.io/controller: garage-local + app.kubernetes.io/instance: s3-exporter + app.kubernetes.io/name: s3-exporter + spec: + enableServiceLinks: false + serviceAccountName: default + automountServiceAccountToken: true + hostIPC: false + hostNetwork: false + hostPID: false + dnsPolicy: ClusterFirst + containers: + - env: + - name: S3_NAME + value: garage-local + - name: S3_ENDPOINT + value: http://garage-main.garage:3900 + - name: S3_ACCESS_KEY + valueFrom: + secretKeyRef: + key: AWS_ACCESS_KEY_ID + name: s3-garage-secret + - name: S3_SECRET_KEY + valueFrom: + secretKeyRef: + key: AWS_SECRET_ACCESS_KEY + name: s3-garage-secret + - name: S3_REGION + value: us-east-1 + - name: LOG_LEVEL + value: debug + - name: S3_FORCE_PATH_STYLE + value: "true" + image: molu8bits/s3bucket_exporter:1.0.2 + imagePullPolicy: IfNotPresent + name: main + resources: + requests: + cpu: 10m + memory: 64Mi +--- +# Source: s3-exporter/charts/s3-exporter/templates/common.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: s3-exporter-garage-remote + labels: + app.kubernetes.io/controller: garage-remote + app.kubernetes.io/instance: s3-exporter + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: s3-exporter + helm.sh/chart: s3-exporter-4.4.0 + namespace: s3-exporter +spec: + revisionHistoryLimit: 3 + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/controller: garage-remote + app.kubernetes.io/name: s3-exporter + app.kubernetes.io/instance: s3-exporter + template: + metadata: + labels: + app.kubernetes.io/controller: garage-remote + app.kubernetes.io/instance: s3-exporter + app.kubernetes.io/name: s3-exporter + spec: + enableServiceLinks: false + serviceAccountName: default + automountServiceAccountToken: true + hostIPC: false + hostNetwork: false + hostPID: false + dnsPolicy: ClusterFirst + containers: + - env: + - name: S3_NAME + value: garage-remote + - name: S3_ENDPOINT + value: https://garage-ps10rp.boreal-beaufort.ts.net:3900 + - name: S3_ACCESS_KEY + valueFrom: + secretKeyRef: + key: AWS_ACCESS_KEY_ID + name: s3-garage-secret + - name: S3_SECRET_KEY + valueFrom: + secretKeyRef: + key: AWS_SECRET_ACCESS_KEY + name: s3-garage-secret + - name: S3_REGION + value: us-east-1 + - name: LOG_LEVEL + value: debug + - name: S3_FORCE_PATH_STYLE + value: "true" + image: molu8bits/s3bucket_exporter:1.0.2 + imagePullPolicy: IfNotPresent + name: main + resources: + requests: + cpu: 10m + memory: 64Mi +--- # Source: s3-exporter/templates/external-secret.yaml apiVersion: external-secrets.io/v1 kind: ExternalSecret diff --git a/clusters/cl01tl/manifests/slskd/slskd.yaml b/clusters/cl01tl/manifests/slskd/slskd.yaml index b2f89fdfc..ed75a0450 100644 --- a/clusters/cl01tl/manifests/slskd/slskd.yaml +++ b/clusters/cl01tl/manifests/slskd/slskd.yaml @@ -84,78 +84,6 @@ spec: --- apiVersion: apps/v1 kind: Deployment -metadata: - name: slskd-soularr - labels: - app.kubernetes.io/controller: soularr - app.kubernetes.io/instance: slskd - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: slskd - helm.sh/chart: slskd-4.4.0 - namespace: slskd -spec: - revisionHistoryLimit: 3 - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app.kubernetes.io/controller: soularr - app.kubernetes.io/name: slskd - app.kubernetes.io/instance: slskd - template: - metadata: - labels: - app.kubernetes.io/controller: soularr - app.kubernetes.io/instance: slskd - app.kubernetes.io/name: slskd - spec: - enableServiceLinks: false - serviceAccountName: default - automountServiceAccountToken: true - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - hostIPC: false - hostNetwork: false - hostPID: false - dnsPolicy: ClusterFirst - containers: - - env: - - name: TZ - value: US/Central - - name: PUID - value: "1000" - - name: PGID - value: "1000" - - name: SCRIPT_INTERVAL - value: "300" - image: mrusse08/soularr:latest@sha256:71a0b9e5a522d76bb0ffdb6d720d681fde22417b3a5acc9ecae61c89d05d8afc - imagePullPolicy: IfNotPresent - name: main - resources: - requests: - cpu: 10m - memory: 256Mi - volumeMounts: - - mountPath: /mnt/store - name: data - - mountPath: /data/config.ini - mountPropagation: None - name: soularr-config - readOnly: true - subPath: config.ini - volumes: - - name: data - persistentVolumeClaim: - claimName: slskd-nfs-storage - - name: soularr-config - secret: - secretName: soularr-config-secret ---- -# Source: slskd/charts/slskd/templates/common.yaml -apiVersion: apps/v1 -kind: Deployment metadata: name: slskd-main labels: @@ -275,6 +203,78 @@ spec: secret: secretName: slskd-config-secret --- +# Source: slskd/charts/slskd/templates/common.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: slskd-soularr + labels: + app.kubernetes.io/controller: soularr + app.kubernetes.io/instance: slskd + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: slskd + helm.sh/chart: slskd-4.4.0 + namespace: slskd +spec: + revisionHistoryLimit: 3 + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/controller: soularr + app.kubernetes.io/name: slskd + app.kubernetes.io/instance: slskd + template: + metadata: + labels: + app.kubernetes.io/controller: soularr + app.kubernetes.io/instance: slskd + app.kubernetes.io/name: slskd + spec: + enableServiceLinks: false + serviceAccountName: default + automountServiceAccountToken: true + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + hostIPC: false + hostNetwork: false + hostPID: false + dnsPolicy: ClusterFirst + containers: + - env: + - name: TZ + value: US/Central + - name: PUID + value: "1000" + - name: PGID + value: "1000" + - name: SCRIPT_INTERVAL + value: "300" + image: mrusse08/soularr:latest@sha256:71a0b9e5a522d76bb0ffdb6d720d681fde22417b3a5acc9ecae61c89d05d8afc + imagePullPolicy: IfNotPresent + name: main + resources: + requests: + cpu: 10m + memory: 256Mi + volumeMounts: + - mountPath: /mnt/store + name: data + - mountPath: /data/config.ini + mountPropagation: None + name: soularr-config + readOnly: true + subPath: config.ini + volumes: + - name: data + persistentVolumeClaim: + claimName: slskd-nfs-storage + - name: soularr-config + secret: + secretName: soularr-config-secret +--- # Source: slskd/templates/external-secret.yaml apiVersion: external-secrets.io/v1 kind: ExternalSecret diff --git a/clusters/cl01tl/manifests/talos/talos.yaml b/clusters/cl01tl/manifests/talos/talos.yaml index ff5a55dcb..749981174 100644 --- a/clusters/cl01tl/manifests/talos/talos.yaml +++ b/clusters/cl01tl/manifests/talos/talos.yaml @@ -186,6 +186,78 @@ spec: --- apiVersion: batch/v1 kind: CronJob +metadata: + name: etcd-defrag-defrag-3 + labels: + app.kubernetes.io/controller: defrag-3 + app.kubernetes.io/instance: talos + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: talos + helm.sh/chart: etcd-defrag-4.4.0 + namespace: talos +spec: + suspend: false + concurrencyPolicy: Forbid + startingDeadlineSeconds: 90 + timeZone: US/Central + schedule: "20 0 * * 0" + successfulJobsHistoryLimit: 3 + failedJobsHistoryLimit: 3 + jobTemplate: + spec: + parallelism: 1 + backoffLimit: 3 + template: + metadata: + labels: + app.kubernetes.io/controller: defrag-3 + app.kubernetes.io/instance: talos + app.kubernetes.io/name: talos + spec: + enableServiceLinks: false + serviceAccountName: default + automountServiceAccountToken: true + hostIPC: false + hostNetwork: false + hostPID: false + dnsPolicy: ClusterFirst + restartPolicy: Never + nodeSelector: + node-role.kubernetes.io/control-plane: "" + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/control-plane + operator: Exists + containers: + - args: + - etcd + - defrag + - -n + - 10.232.1.13 + env: + - name: TALOSCONFIG + value: /tmp/.talos/config + image: ghcr.io/siderolabs/talosctl:v1.11.5 + imagePullPolicy: IfNotPresent + name: main + resources: + requests: + cpu: 100m + memory: 128Mi + volumeMounts: + - mountPath: /tmp/.talos/config + mountPropagation: None + name: talos-config-3 + readOnly: true + subPath: config + volumes: + - name: talos-config-3 + secret: + secretName: talos-etcd-defrag-secret +--- +# Source: talos/charts/etcd-defrag/templates/common.yaml +apiVersion: batch/v1 +kind: CronJob metadata: name: etcd-defrag-defrag-1 labels: @@ -327,78 +399,6 @@ spec: secret: secretName: talos-etcd-defrag-secret --- -# Source: talos/charts/etcd-defrag/templates/common.yaml -apiVersion: batch/v1 -kind: CronJob -metadata: - name: etcd-defrag-defrag-3 - labels: - app.kubernetes.io/controller: defrag-3 - app.kubernetes.io/instance: talos - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: talos - helm.sh/chart: etcd-defrag-4.4.0 - namespace: talos -spec: - suspend: false - concurrencyPolicy: Forbid - startingDeadlineSeconds: 90 - timeZone: US/Central - schedule: "20 0 * * 0" - successfulJobsHistoryLimit: 3 - failedJobsHistoryLimit: 3 - jobTemplate: - spec: - parallelism: 1 - backoffLimit: 3 - template: - metadata: - labels: - app.kubernetes.io/controller: defrag-3 - app.kubernetes.io/instance: talos - app.kubernetes.io/name: talos - spec: - enableServiceLinks: false - serviceAccountName: default - automountServiceAccountToken: true - hostIPC: false - hostNetwork: false - hostPID: false - dnsPolicy: ClusterFirst - restartPolicy: Never - nodeSelector: - node-role.kubernetes.io/control-plane: "" - tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane - operator: Exists - containers: - - args: - - etcd - - defrag - - -n - - 10.232.1.13 - env: - - name: TALOSCONFIG - value: /tmp/.talos/config - image: ghcr.io/siderolabs/talosctl:v1.11.5 - imagePullPolicy: IfNotPresent - name: main - resources: - requests: - cpu: 100m - memory: 128Mi - volumeMounts: - - mountPath: /tmp/.talos/config - mountPropagation: None - name: talos-config-3 - readOnly: true - subPath: config - volumes: - - name: talos-config-3 - secret: - secretName: talos-etcd-defrag-secret ---- # Source: talos/templates/external-secret.yaml apiVersion: external-secrets.io/v1 kind: ExternalSecret diff --git a/clusters/cl01tl/manifests/tdarr/tdarr.yaml b/clusters/cl01tl/manifests/tdarr/tdarr.yaml index 4da17a419..56f2f8bb3 100644 --- a/clusters/cl01tl/manifests/tdarr/tdarr.yaml +++ b/clusters/cl01tl/manifests/tdarr/tdarr.yaml @@ -29,7 +29,7 @@ spec: kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: tdarr-config + name: tdarr-server labels: app.kubernetes.io/instance: tdarr app.kubernetes.io/managed-by: Helm @@ -50,7 +50,7 @@ spec: kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: tdarr-server + name: tdarr-config labels: app.kubernetes.io/instance: tdarr app.kubernetes.io/managed-by: Helm diff --git a/clusters/cl01tl/manifests/vault/vault.yaml b/clusters/cl01tl/manifests/vault/vault.yaml index 7b52d5324..51a9cd6f1 100644 --- a/clusters/cl01tl/manifests/vault/vault.yaml +++ b/clusters/cl01tl/manifests/vault/vault.yaml @@ -251,6 +251,54 @@ spec: --- apiVersion: apps/v1 kind: Deployment +metadata: + name: vault-unseal-unseal-1 + labels: + app.kubernetes.io/controller: unseal-1 + app.kubernetes.io/instance: vault + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: vault + helm.sh/chart: unseal-4.4.0 + namespace: vault +spec: + revisionHistoryLimit: 3 + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app.kubernetes.io/controller: unseal-1 + app.kubernetes.io/name: vault + app.kubernetes.io/instance: vault + template: + metadata: + labels: + app.kubernetes.io/controller: unseal-1 + app.kubernetes.io/instance: vault + app.kubernetes.io/name: vault + spec: + enableServiceLinks: false + serviceAccountName: default + automountServiceAccountToken: true + hostIPC: false + hostNetwork: false + hostPID: false + dnsPolicy: ClusterFirst + containers: + - envFrom: + - secretRef: + name: vault-unseal-config-1 + image: ghcr.io/lrstanley/vault-unseal:0.7.2 + imagePullPolicy: IfNotPresent + name: main + resources: + requests: + cpu: 10m + memory: 24Mi +--- +# Source: vault/charts/unseal/templates/common.yaml +apiVersion: apps/v1 +kind: Deployment metadata: name: vault-unseal-unseal-2 labels: @@ -344,54 +392,6 @@ spec: cpu: 10m memory: 24Mi --- -# Source: vault/charts/unseal/templates/common.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: vault-unseal-unseal-1 - labels: - app.kubernetes.io/controller: unseal-1 - app.kubernetes.io/instance: vault - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: vault - helm.sh/chart: unseal-4.4.0 - namespace: vault -spec: - revisionHistoryLimit: 3 - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app.kubernetes.io/controller: unseal-1 - app.kubernetes.io/name: vault - app.kubernetes.io/instance: vault - template: - metadata: - labels: - app.kubernetes.io/controller: unseal-1 - app.kubernetes.io/instance: vault - app.kubernetes.io/name: vault - spec: - enableServiceLinks: false - serviceAccountName: default - automountServiceAccountToken: true - hostIPC: false - hostNetwork: false - hostPID: false - dnsPolicy: ClusterFirst - containers: - - envFrom: - - secretRef: - name: vault-unseal-config-1 - image: ghcr.io/lrstanley/vault-unseal:0.7.2 - imagePullPolicy: IfNotPresent - name: main - resources: - requests: - cpu: 10m - memory: 24Mi ---- # Source: vault/charts/vault/templates/server-statefulset.yaml # StatefulSet to run the actual vault server cluster. apiVersion: apps/v1