mirror of
https://github.com/actions/actions-runner-controller.git
synced 2025-12-10 11:41:27 +00:00
Compare commits
32 Commits
runnerset-
...
actions-ru
| Author | SHA1 | Date | |
|---|---|---|---|
|
2c29cfb994 | ||
|
|
4f89ac5878 | ||
|
|
64778a828e | ||
|
|
8e484637f9 | ||
|
|
b202be712e | ||
|
|
fb11d3bfd0 | ||
|
|
7793e1974a | ||
|
|
8aa04dd2be | ||
|
|
2939640fa9 | ||
|
|
65fd04540c | ||
|
|
1ae5d2b18e | ||
|
|
862bc1a9dd | ||
|
|
95487735a2 | ||
|
|
16815230bb | ||
|
|
2646456677 | ||
|
|
62eca94e45 | ||
|
|
510b1d82e5 | ||
|
|
b511953df7 | ||
|
|
2117fd1892 | ||
|
|
e1edb84abe | ||
|
|
f14dbd68f1 | ||
|
|
bffcb32b19 | ||
|
|
ea2443a410 | ||
|
|
ba91c183b5 | ||
|
|
e10a1cc7a3 | ||
|
|
ce80adb9ab | ||
|
|
1a8abb6d39 | ||
|
|
fdf7b6c525 | ||
|
|
db061b33e7 | ||
|
|
ead26ab18f | ||
|
|
16666e1bba | ||
|
|
2ae39828b2 |
3
.github/ISSUE_TEMPLATE/config.yml
vendored
3
.github/ISSUE_TEMPLATE/config.yml
vendored
@@ -1,5 +1,8 @@
|
|||||||
blank_issues_enabled: false
|
blank_issues_enabled: false
|
||||||
contact_links:
|
contact_links:
|
||||||
|
- name: Feature requests for the gha-runner-scale-set (actions.github.com API group)
|
||||||
|
about: Feature requests associated with the actions.github.com group should be posted on the GitHub Community Support Forum
|
||||||
|
url: https://github.com/orgs/community/discussions/categories/actions
|
||||||
- name: Sponsor ARC Maintainers
|
- name: Sponsor ARC Maintainers
|
||||||
about: If your business relies on the continued maintainance of actions-runner-controller, please consider sponsoring the project and the maintainers.
|
about: If your business relies on the continued maintainance of actions-runner-controller, please consider sponsoring the project and the maintainers.
|
||||||
url: https://github.com/actions/actions-runner-controller/tree/master/CODEOWNERS
|
url: https://github.com/actions/actions-runner-controller/tree/master/CODEOWNERS
|
||||||
|
|||||||
113
.github/ISSUE_TEMPLATE/github_bug_report.yaml
vendored
Normal file
113
.github/ISSUE_TEMPLATE/github_bug_report.yaml
vendored
Normal file
@@ -0,0 +1,113 @@
|
|||||||
|
name: Bug Report (actions.github.com API group)
|
||||||
|
description: File a bug report for actions.github.com API group
|
||||||
|
title: "<Please write what didn't work for you here>"
|
||||||
|
labels: ["bug", "needs triage", "gha-runner-scale-set"]
|
||||||
|
body:
|
||||||
|
- type: checkboxes
|
||||||
|
id: read-troubleshooting-guide
|
||||||
|
attributes:
|
||||||
|
label: Checks
|
||||||
|
description: Please check all the boxes below before submitting
|
||||||
|
options:
|
||||||
|
- label: I've already read https://docs.github.com/en/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/troubleshooting-actions-runner-controller-errors and I'm sure my issue is not covered in the troubleshooting guide.
|
||||||
|
required: true
|
||||||
|
|
||||||
|
- label: I am using charts that are officially provided
|
||||||
|
- type: input
|
||||||
|
id: controller-version
|
||||||
|
attributes:
|
||||||
|
label: Controller Version
|
||||||
|
description: Refers to semver-like release tags for controller versions. Any release tags prefixed with `gha-runner-scale-set-` are releases associated with this API group
|
||||||
|
placeholder: ex. 0.6.1
|
||||||
|
validations:
|
||||||
|
required: true
|
||||||
|
- type: dropdown
|
||||||
|
id: deployment-method
|
||||||
|
attributes:
|
||||||
|
label: Deployment Method
|
||||||
|
description: Which deployment method did you use to install ARC?
|
||||||
|
options:
|
||||||
|
- Helm
|
||||||
|
- Kustomize
|
||||||
|
- ArgoCD
|
||||||
|
- Other
|
||||||
|
validations:
|
||||||
|
required: true
|
||||||
|
- type: checkboxes
|
||||||
|
id: checks
|
||||||
|
attributes:
|
||||||
|
label: Checks
|
||||||
|
description: Please check all the boxes below before submitting
|
||||||
|
options:
|
||||||
|
- label: This isn't a question or user support case (For Q&A and community support, go to [Discussions](https://github.com/actions/actions-runner-controller/discussions)).
|
||||||
|
required: true
|
||||||
|
- label: I've read the [Changelog](https://github.com/actions/actions-runner-controller/blob/master/docs/gha-runner-scale-set-controller/README.md#changelog) before submitting this issue and I'm sure it's not due to any recently-introduced backward-incompatible changes
|
||||||
|
required: true
|
||||||
|
- type: textarea
|
||||||
|
id: reproduction-steps
|
||||||
|
attributes:
|
||||||
|
label: To Reproduce
|
||||||
|
description: "Steps to reproduce the behavior"
|
||||||
|
render: markdown
|
||||||
|
placeholder: |
|
||||||
|
1. Go to '...'
|
||||||
|
2. Click on '....'
|
||||||
|
3. Scroll down to '....'
|
||||||
|
4. See error
|
||||||
|
validations:
|
||||||
|
required: true
|
||||||
|
- type: textarea
|
||||||
|
id: actual-behavior
|
||||||
|
attributes:
|
||||||
|
label: Describe the bug
|
||||||
|
description: Also tell us, what did happen?
|
||||||
|
placeholder: A clear and concise description of what happened.
|
||||||
|
validations:
|
||||||
|
required: true
|
||||||
|
|
||||||
|
- type: textarea
|
||||||
|
id: expected-behavior
|
||||||
|
attributes:
|
||||||
|
label: Describe the expected behavior
|
||||||
|
description: Also tell us, what did you expect to happen?
|
||||||
|
placeholder: A clear and concise description of what the expected behavior is.
|
||||||
|
validations:
|
||||||
|
required: true
|
||||||
|
|
||||||
|
- type: textarea
|
||||||
|
id: additional-context
|
||||||
|
attributes:
|
||||||
|
label: Additional Context
|
||||||
|
render: yaml
|
||||||
|
description: |
|
||||||
|
Provide `values.yaml` files that are relevant for this issue. PLEASE REDACT ANY INFORMATION THAT SHOULD NOT BE PUBLICALY AVAILABLE, LIKE GITHUB TOKEN FOR EXAMPLE.
|
||||||
|
placeholder: |
|
||||||
|
PLEASE REDACT ANY INFORMATION THAT SHOULD NOT BE PUBLICALY AVAILABLE, LIKE GITHUB TOKEN FOR EXAMPLE.
|
||||||
|
validations:
|
||||||
|
required: true
|
||||||
|
|
||||||
|
- type: textarea
|
||||||
|
id: controller-logs
|
||||||
|
attributes:
|
||||||
|
label: Controller Logs
|
||||||
|
description: "NEVER EVER OMIT THIS! Include complete logs from `actions-runner-controller`'s controller-manager pod."
|
||||||
|
render: shell
|
||||||
|
placeholder: |
|
||||||
|
PROVIDE THE LOGS VIA A GIST LINK (https://gist.github.com/), NOT DIRECTLY IN THIS TEXT AREA
|
||||||
|
|
||||||
|
To grab controller logs:
|
||||||
|
|
||||||
|
kubectl logs -n $NAMESPACE deployments/$CONTROLLER_DEPLOYMENT
|
||||||
|
validations:
|
||||||
|
required: true
|
||||||
|
- type: textarea
|
||||||
|
id: runner-pod-logs
|
||||||
|
attributes:
|
||||||
|
label: Runner Pod Logs
|
||||||
|
description: "Include logs and kubectl describe output from runner pod(s)."
|
||||||
|
render: shell
|
||||||
|
placeholder: |
|
||||||
|
PROVIDE THE WHOLE LOGS VIA A GIST LINK (https://gist.github.com/), NOT DIRECTLY IN THIS TEXT AREA
|
||||||
|
validations:
|
||||||
|
required: true
|
||||||
|
|
||||||
@@ -1,7 +1,7 @@
|
|||||||
name: Bug Report
|
name: Bug Report (actions.summerwind.net API group)
|
||||||
description: File a bug report
|
description: File a bug report for actions.summerwind.net API group
|
||||||
title: "<Please write what didn't work for you here>"
|
title: "<Please write what didn't work for you here>"
|
||||||
labels: ["bug", "needs triage"]
|
labels: ["bug", "needs triage", "community"]
|
||||||
body:
|
body:
|
||||||
- type: checkboxes
|
- type: checkboxes
|
||||||
id: read-troubleshooting-guide
|
id: read-troubleshooting-guide
|
||||||
@@ -146,7 +146,7 @@ body:
|
|||||||
render: shell
|
render: shell
|
||||||
placeholder: |
|
placeholder: |
|
||||||
PROVIDE THE LOGS VIA A GIST LINK (https://gist.github.com/), NOT DIRECTLY IN THIS TEXT AREA
|
PROVIDE THE LOGS VIA A GIST LINK (https://gist.github.com/), NOT DIRECTLY IN THIS TEXT AREA
|
||||||
|
|
||||||
To grab controller logs:
|
To grab controller logs:
|
||||||
|
|
||||||
# Set NS according to your setup
|
# Set NS according to your setup
|
||||||
@@ -166,7 +166,7 @@ body:
|
|||||||
render: shell
|
render: shell
|
||||||
placeholder: |
|
placeholder: |
|
||||||
PROVIDE THE WHOLE LOGS VIA A GIST LINK (https://gist.github.com/), NOT DIRECTLY IN THIS TEXT AREA
|
PROVIDE THE WHOLE LOGS VIA A GIST LINK (https://gist.github.com/), NOT DIRECTLY IN THIS TEXT AREA
|
||||||
|
|
||||||
To grab the runner pod logs:
|
To grab the runner pod logs:
|
||||||
|
|
||||||
# Set NS according to your setup. It should match your RunnerDeployment's metadata.namespace.
|
# Set NS according to your setup. It should match your RunnerDeployment's metadata.namespace.
|
||||||
@@ -177,7 +177,7 @@ body:
|
|||||||
|
|
||||||
kubectl -n $NS logs $POD_NAME -c runner > runnerpod_runner.log
|
kubectl -n $NS logs $POD_NAME -c runner > runnerpod_runner.log
|
||||||
kubectl -n $NS logs $POD_NAME -c docker > runnerpod_docker.log
|
kubectl -n $NS logs $POD_NAME -c docker > runnerpod_docker.log
|
||||||
|
|
||||||
If any of the containers are getting terminated immediately, try adding `--previous` to the kubectl-logs command to obtain logs emitted before the termination.
|
If any of the containers are getting terminated immediately, try adding `--previous` to the kubectl-logs command to obtain logs emitted before the termination.
|
||||||
validations:
|
validations:
|
||||||
required: true
|
required: true
|
||||||
@@ -1,7 +1,7 @@
|
|||||||
---
|
---
|
||||||
name: Feature request
|
name: Feature request (actions.summerwind.net API group)
|
||||||
about: Suggest an idea for this project
|
about: Suggest an idea for this project
|
||||||
labels: ["enhancement", "needs triage"]
|
labels: ["enhancement", "needs triage", "community"]
|
||||||
title: ''
|
title: ''
|
||||||
assignees: ''
|
assignees: ''
|
||||||
---
|
---
|
||||||
2
.github/workflows/arc-publish-chart.yaml
vendored
2
.github/workflows/arc-publish-chart.yaml
vendored
@@ -63,7 +63,7 @@ jobs:
|
|||||||
python-version: '3.11'
|
python-version: '3.11'
|
||||||
|
|
||||||
- name: Set up chart-testing
|
- name: Set up chart-testing
|
||||||
uses: helm/chart-testing-action@v2.3.1
|
uses: helm/chart-testing-action@v2.6.0
|
||||||
|
|
||||||
- name: Run chart-testing (list-changed)
|
- name: Run chart-testing (list-changed)
|
||||||
id: list-changed
|
id: list-changed
|
||||||
|
|||||||
2
.github/workflows/arc-release-runners.yaml
vendored
2
.github/workflows/arc-release-runners.yaml
vendored
@@ -17,7 +17,7 @@ env:
|
|||||||
PUSH_TO_REGISTRIES: true
|
PUSH_TO_REGISTRIES: true
|
||||||
TARGET_ORG: actions-runner-controller
|
TARGET_ORG: actions-runner-controller
|
||||||
TARGET_WORKFLOW: release-runners.yaml
|
TARGET_WORKFLOW: release-runners.yaml
|
||||||
DOCKER_VERSION: 20.10.23
|
DOCKER_VERSION: 24.0.7
|
||||||
|
|
||||||
concurrency:
|
concurrency:
|
||||||
group: ${{ github.workflow }}
|
group: ${{ github.workflow }}
|
||||||
|
|||||||
6
.github/workflows/arc-validate-chart.yaml
vendored
6
.github/workflows/arc-validate-chart.yaml
vendored
@@ -28,7 +28,7 @@ permissions:
|
|||||||
contents: read
|
contents: read
|
||||||
|
|
||||||
concurrency:
|
concurrency:
|
||||||
# This will make sure we only apply the concurrency limits on pull requests
|
# This will make sure we only apply the concurrency limits on pull requests
|
||||||
# but not pushes to master branch by making the concurrency group name unique
|
# but not pushes to master branch by making the concurrency group name unique
|
||||||
# for pushes
|
# for pushes
|
||||||
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
|
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
|
||||||
@@ -69,10 +69,10 @@ jobs:
|
|||||||
# python is a requirement for the chart-testing action below (supports yamllint among other tests)
|
# python is a requirement for the chart-testing action below (supports yamllint among other tests)
|
||||||
- uses: actions/setup-python@v4
|
- uses: actions/setup-python@v4
|
||||||
with:
|
with:
|
||||||
python-version: '3.7'
|
python-version: '3.11'
|
||||||
|
|
||||||
- name: Set up chart-testing
|
- name: Set up chart-testing
|
||||||
uses: helm/chart-testing-action@v2.4.0
|
uses: helm/chart-testing-action@v2.6.0
|
||||||
|
|
||||||
- name: Run chart-testing (list-changed)
|
- name: Run chart-testing (list-changed)
|
||||||
id: list-changed
|
id: list-changed
|
||||||
|
|||||||
2
.github/workflows/gha-e2e-tests.yaml
vendored
2
.github/workflows/gha-e2e-tests.yaml
vendored
@@ -16,7 +16,7 @@ env:
|
|||||||
TARGET_ORG: actions-runner-controller
|
TARGET_ORG: actions-runner-controller
|
||||||
TARGET_REPO: arc_e2e_test_dummy
|
TARGET_REPO: arc_e2e_test_dummy
|
||||||
IMAGE_NAME: "arc-test-image"
|
IMAGE_NAME: "arc-test-image"
|
||||||
IMAGE_VERSION: "0.6.0"
|
IMAGE_VERSION: "0.7.0"
|
||||||
|
|
||||||
concurrency:
|
concurrency:
|
||||||
# This will make sure we only apply the concurrency limits on pull requests
|
# This will make sure we only apply the concurrency limits on pull requests
|
||||||
|
|||||||
6
.github/workflows/gha-validate-chart.yaml
vendored
6
.github/workflows/gha-validate-chart.yaml
vendored
@@ -24,7 +24,7 @@ permissions:
|
|||||||
contents: read
|
contents: read
|
||||||
|
|
||||||
concurrency:
|
concurrency:
|
||||||
# This will make sure we only apply the concurrency limits on pull requests
|
# This will make sure we only apply the concurrency limits on pull requests
|
||||||
# but not pushes to master branch by making the concurrency group name unique
|
# but not pushes to master branch by making the concurrency group name unique
|
||||||
# for pushes
|
# for pushes
|
||||||
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
|
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
|
||||||
@@ -65,10 +65,10 @@ jobs:
|
|||||||
# python is a requirement for the chart-testing action below (supports yamllint among other tests)
|
# python is a requirement for the chart-testing action below (supports yamllint among other tests)
|
||||||
- uses: actions/setup-python@v4
|
- uses: actions/setup-python@v4
|
||||||
with:
|
with:
|
||||||
python-version: '3.7'
|
python-version: '3.11'
|
||||||
|
|
||||||
- name: Set up chart-testing
|
- name: Set up chart-testing
|
||||||
uses: helm/chart-testing-action@v2.4.0
|
uses: helm/chart-testing-action@v2.6.0
|
||||||
|
|
||||||
- name: Run chart-testing (list-changed)
|
- name: Run chart-testing (list-changed)
|
||||||
id: list-changed
|
id: list-changed
|
||||||
|
|||||||
9
.github/workflows/global-run-codeql.yaml
vendored
9
.github/workflows/global-run-codeql.yaml
vendored
@@ -2,7 +2,7 @@ name: Run CodeQL
|
|||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches:
|
branches:
|
||||||
- master
|
- master
|
||||||
pull_request:
|
pull_request:
|
||||||
branches:
|
branches:
|
||||||
@@ -11,7 +11,7 @@ on:
|
|||||||
- cron: '30 1 * * 0'
|
- cron: '30 1 * * 0'
|
||||||
|
|
||||||
concurrency:
|
concurrency:
|
||||||
# This will make sure we only apply the concurrency limits on pull requests
|
# This will make sure we only apply the concurrency limits on pull requests
|
||||||
# but not pushes to master branch by making the concurrency group name unique
|
# but not pushes to master branch by making the concurrency group name unique
|
||||||
# for pushes
|
# for pushes
|
||||||
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
|
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
|
||||||
@@ -27,6 +27,11 @@ jobs:
|
|||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
uses: actions/checkout@v3
|
uses: actions/checkout@v3
|
||||||
|
|
||||||
|
- name: Install Go
|
||||||
|
uses: actions/setup-go@v4
|
||||||
|
with:
|
||||||
|
go-version-file: go.mod
|
||||||
|
|
||||||
- name: Initialize CodeQL
|
- name: Initialize CodeQL
|
||||||
uses: github/codeql-action/init@v2
|
uses: github/codeql-action/init@v2
|
||||||
with:
|
with:
|
||||||
|
|||||||
4
.github/workflows/go.yaml
vendored
4
.github/workflows/go.yaml
vendored
@@ -19,7 +19,7 @@ permissions:
|
|||||||
contents: read
|
contents: read
|
||||||
|
|
||||||
concurrency:
|
concurrency:
|
||||||
# This will make sure we only apply the concurrency limits on pull requests
|
# This will make sure we only apply the concurrency limits on pull requests
|
||||||
# but not pushes to master branch by making the concurrency group name unique
|
# but not pushes to master branch by making the concurrency group name unique
|
||||||
# for pushes
|
# for pushes
|
||||||
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
|
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
|
||||||
@@ -51,7 +51,7 @@ jobs:
|
|||||||
uses: golangci/golangci-lint-action@v3
|
uses: golangci/golangci-lint-action@v3
|
||||||
with:
|
with:
|
||||||
only-new-issues: true
|
only-new-issues: true
|
||||||
version: v1.51.1
|
version: v1.55.2
|
||||||
|
|
||||||
generate:
|
generate:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|||||||
@@ -1,2 +1,2 @@
|
|||||||
# actions-runner-controller maintainers
|
# actions-runner-controller maintainers
|
||||||
* @mumoshu @toast-gear @actions/actions-runtime @nikola-jokic
|
* @mumoshu @toast-gear @actions/actions-launch @nikola-jokic
|
||||||
|
|||||||
@@ -73,7 +73,7 @@ To make your development cycle faster, use the below command to update deploy an
|
|||||||
# Makefile
|
# Makefile
|
||||||
VERSION=controller1 \
|
VERSION=controller1 \
|
||||||
RUNNER_TAG=runner1 \
|
RUNNER_TAG=runner1 \
|
||||||
make acceptance/pull acceptance/kind docker-build acceptance/load acceptance/deploy
|
make acceptance/pull acceptance/kind docker-buildx acceptance/load acceptance/deploy
|
||||||
```
|
```
|
||||||
|
|
||||||
If you've already deployed actions-runner-controller and only want to recreate pods to use the newer image, you can run:
|
If you've already deployed actions-runner-controller and only want to recreate pods to use the newer image, you can run:
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
# Build the manager binary
|
# Build the manager binary
|
||||||
FROM --platform=$BUILDPLATFORM golang:1.20.7 as builder
|
FROM --platform=$BUILDPLATFORM golang:1.21.3 as builder
|
||||||
|
|
||||||
WORKDIR /workspace
|
WORKDIR /workspace
|
||||||
|
|
||||||
|
|||||||
6
Makefile
6
Makefile
@@ -6,7 +6,7 @@ endif
|
|||||||
DOCKER_USER ?= $(shell echo ${DOCKER_IMAGE_NAME} | cut -d / -f1)
|
DOCKER_USER ?= $(shell echo ${DOCKER_IMAGE_NAME} | cut -d / -f1)
|
||||||
VERSION ?= dev
|
VERSION ?= dev
|
||||||
COMMIT_SHA = $(shell git rev-parse HEAD)
|
COMMIT_SHA = $(shell git rev-parse HEAD)
|
||||||
RUNNER_VERSION ?= 2.309.0
|
RUNNER_VERSION ?= 2.311.0
|
||||||
TARGETPLATFORM ?= $(shell arch)
|
TARGETPLATFORM ?= $(shell arch)
|
||||||
RUNNER_NAME ?= ${DOCKER_USER}/actions-runner
|
RUNNER_NAME ?= ${DOCKER_USER}/actions-runner
|
||||||
RUNNER_TAG ?= ${VERSION}
|
RUNNER_TAG ?= ${VERSION}
|
||||||
@@ -68,7 +68,7 @@ endif
|
|||||||
all: manager
|
all: manager
|
||||||
|
|
||||||
lint:
|
lint:
|
||||||
docker run --rm -v $(PWD):/app -w /app golangci/golangci-lint:v1.54.2 golangci-lint run
|
docker run --rm -v $(PWD):/app -w /app golangci/golangci-lint:v1.55.2 golangci-lint run
|
||||||
|
|
||||||
GO_TEST_ARGS ?= -short
|
GO_TEST_ARGS ?= -short
|
||||||
|
|
||||||
@@ -320,7 +320,7 @@ ifeq (, $(wildcard $(GOBIN)/controller-gen))
|
|||||||
CONTROLLER_GEN_TMP_DIR=$$(mktemp -d) ;\
|
CONTROLLER_GEN_TMP_DIR=$$(mktemp -d) ;\
|
||||||
cd $$CONTROLLER_GEN_TMP_DIR ;\
|
cd $$CONTROLLER_GEN_TMP_DIR ;\
|
||||||
go mod init tmp ;\
|
go mod init tmp ;\
|
||||||
go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.7.0 ;\
|
go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.13.0 ;\
|
||||||
rm -rf $$CONTROLLER_GEN_TMP_DIR ;\
|
rm -rf $$CONTROLLER_GEN_TMP_DIR ;\
|
||||||
}
|
}
|
||||||
endif
|
endif
|
||||||
|
|||||||
@@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Copyright 2020 The actions-runner-controller authors.
|
Copyright 2020 The actions-runner-controller authors.
|
||||||
|
|||||||
@@ -23,6 +23,7 @@ import (
|
|||||||
ctrl "sigs.k8s.io/controller-runtime"
|
ctrl "sigs.k8s.io/controller-runtime"
|
||||||
logf "sigs.k8s.io/controller-runtime/pkg/log"
|
logf "sigs.k8s.io/controller-runtime/pkg/log"
|
||||||
"sigs.k8s.io/controller-runtime/pkg/webhook"
|
"sigs.k8s.io/controller-runtime/pkg/webhook"
|
||||||
|
"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
|
||||||
)
|
)
|
||||||
|
|
||||||
// log is for logging in this package.
|
// log is for logging in this package.
|
||||||
@@ -48,20 +49,20 @@ func (r *Runner) Default() {
|
|||||||
var _ webhook.Validator = &Runner{}
|
var _ webhook.Validator = &Runner{}
|
||||||
|
|
||||||
// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
|
// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
|
||||||
func (r *Runner) ValidateCreate() error {
|
func (r *Runner) ValidateCreate() (admission.Warnings, error) {
|
||||||
runnerLog.Info("validate resource to be created", "name", r.Name)
|
runnerLog.Info("validate resource to be created", "name", r.Name)
|
||||||
return r.Validate()
|
return nil, r.Validate()
|
||||||
}
|
}
|
||||||
|
|
||||||
// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
|
// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
|
||||||
func (r *Runner) ValidateUpdate(old runtime.Object) error {
|
func (r *Runner) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
|
||||||
runnerLog.Info("validate resource to be updated", "name", r.Name)
|
runnerLog.Info("validate resource to be updated", "name", r.Name)
|
||||||
return r.Validate()
|
return nil, r.Validate()
|
||||||
}
|
}
|
||||||
|
|
||||||
// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
|
// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
|
||||||
func (r *Runner) ValidateDelete() error {
|
func (r *Runner) ValidateDelete() (admission.Warnings, error) {
|
||||||
return nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Validate validates resource spec.
|
// Validate validates resource spec.
|
||||||
|
|||||||
@@ -23,6 +23,7 @@ import (
|
|||||||
ctrl "sigs.k8s.io/controller-runtime"
|
ctrl "sigs.k8s.io/controller-runtime"
|
||||||
logf "sigs.k8s.io/controller-runtime/pkg/log"
|
logf "sigs.k8s.io/controller-runtime/pkg/log"
|
||||||
"sigs.k8s.io/controller-runtime/pkg/webhook"
|
"sigs.k8s.io/controller-runtime/pkg/webhook"
|
||||||
|
"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
|
||||||
)
|
)
|
||||||
|
|
||||||
// log is for logging in this package.
|
// log is for logging in this package.
|
||||||
@@ -48,20 +49,20 @@ func (r *RunnerDeployment) Default() {
|
|||||||
var _ webhook.Validator = &RunnerDeployment{}
|
var _ webhook.Validator = &RunnerDeployment{}
|
||||||
|
|
||||||
// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
|
// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
|
||||||
func (r *RunnerDeployment) ValidateCreate() error {
|
func (r *RunnerDeployment) ValidateCreate() (admission.Warnings, error) {
|
||||||
runnerDeploymentLog.Info("validate resource to be created", "name", r.Name)
|
runnerDeploymentLog.Info("validate resource to be created", "name", r.Name)
|
||||||
return r.Validate()
|
return nil, r.Validate()
|
||||||
}
|
}
|
||||||
|
|
||||||
// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
|
// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
|
||||||
func (r *RunnerDeployment) ValidateUpdate(old runtime.Object) error {
|
func (r *RunnerDeployment) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
|
||||||
runnerDeploymentLog.Info("validate resource to be updated", "name", r.Name)
|
runnerDeploymentLog.Info("validate resource to be updated", "name", r.Name)
|
||||||
return r.Validate()
|
return nil, r.Validate()
|
||||||
}
|
}
|
||||||
|
|
||||||
// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
|
// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
|
||||||
func (r *RunnerDeployment) ValidateDelete() error {
|
func (r *RunnerDeployment) ValidateDelete() (admission.Warnings, error) {
|
||||||
return nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Validate validates resource spec.
|
// Validate validates resource spec.
|
||||||
|
|||||||
@@ -23,6 +23,7 @@ import (
|
|||||||
ctrl "sigs.k8s.io/controller-runtime"
|
ctrl "sigs.k8s.io/controller-runtime"
|
||||||
logf "sigs.k8s.io/controller-runtime/pkg/log"
|
logf "sigs.k8s.io/controller-runtime/pkg/log"
|
||||||
"sigs.k8s.io/controller-runtime/pkg/webhook"
|
"sigs.k8s.io/controller-runtime/pkg/webhook"
|
||||||
|
"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
|
||||||
)
|
)
|
||||||
|
|
||||||
// log is for logging in this package.
|
// log is for logging in this package.
|
||||||
@@ -48,20 +49,20 @@ func (r *RunnerReplicaSet) Default() {
|
|||||||
var _ webhook.Validator = &RunnerReplicaSet{}
|
var _ webhook.Validator = &RunnerReplicaSet{}
|
||||||
|
|
||||||
// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
|
// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
|
||||||
func (r *RunnerReplicaSet) ValidateCreate() error {
|
func (r *RunnerReplicaSet) ValidateCreate() (admission.Warnings, error) {
|
||||||
runnerReplicaSetLog.Info("validate resource to be created", "name", r.Name)
|
runnerReplicaSetLog.Info("validate resource to be created", "name", r.Name)
|
||||||
return r.Validate()
|
return nil, r.Validate()
|
||||||
}
|
}
|
||||||
|
|
||||||
// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
|
// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
|
||||||
func (r *RunnerReplicaSet) ValidateUpdate(old runtime.Object) error {
|
func (r *RunnerReplicaSet) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
|
||||||
runnerReplicaSetLog.Info("validate resource to be updated", "name", r.Name)
|
runnerReplicaSetLog.Info("validate resource to be updated", "name", r.Name)
|
||||||
return r.Validate()
|
return nil, r.Validate()
|
||||||
}
|
}
|
||||||
|
|
||||||
// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
|
// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
|
||||||
func (r *RunnerReplicaSet) ValidateDelete() error {
|
func (r *RunnerReplicaSet) ValidateDelete() (admission.Warnings, error) {
|
||||||
return nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Validate validates resource spec.
|
// Validate validates resource spec.
|
||||||
|
|||||||
@@ -1,5 +1,4 @@
|
|||||||
//go:build !ignore_autogenerated
|
//go:build !ignore_autogenerated
|
||||||
// +build !ignore_autogenerated
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Copyright 2020 The actions-runner-controller authors.
|
Copyright 2020 The actions-runner-controller authors.
|
||||||
|
|||||||
@@ -15,10 +15,10 @@ type: application
|
|||||||
# This is the chart version. This version number should be incremented each time you make changes
|
# This is the chart version. This version number should be incremented each time you make changes
|
||||||
# to the chart and its templates, including the app version.
|
# to the chart and its templates, including the app version.
|
||||||
# Versions are expected to follow Semantic Versioning (https://semver.org/)
|
# Versions are expected to follow Semantic Versioning (https://semver.org/)
|
||||||
version: 0.23.5
|
version: 0.23.7
|
||||||
|
|
||||||
# Used as the default manager tag value when no tag property is provided in the values.yaml
|
# Used as the default manager tag value when no tag property is provided in the values.yaml
|
||||||
appVersion: 0.27.5
|
appVersion: 0.27.6
|
||||||
|
|
||||||
home: https://github.com/actions/actions-runner-controller
|
home: https://github.com/actions/actions-runner-controller
|
||||||
|
|
||||||
|
|||||||
@@ -8,154 +8,156 @@ All additional docs are kept in the `docs/` folder, this README is solely for do
|
|||||||
|
|
||||||
> _Default values are the defaults set in the charts `values.yaml`, some properties have default configurations in the code for when the property is omitted or invalid_
|
> _Default values are the defaults set in the charts `values.yaml`, some properties have default configurations in the code for when the property is omitted or invalid_
|
||||||
|
|
||||||
| Key | Description | Default |
|
| Key | Description | Default |
|
||||||
|----------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------|
|
|-----------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------|
|
||||||
| `labels` | Set labels to apply to all resources in the chart | |
|
| `labels` | Set labels to apply to all resources in the chart | |
|
||||||
| `replicaCount` | Set the number of controller pods | 1 |
|
| `replicaCount` | Set the number of controller pods | 1 |
|
||||||
| `webhookPort` | Set the containerPort for the webhook Pod | 9443 |
|
| `webhookPort` | Set the containerPort for the webhook Pod | 9443 |
|
||||||
| `syncPeriod` | Set the period in which the controller reconciles the desired runners count | 1m |
|
| `syncPeriod` | Set the period in which the controller reconciles the desired runners count | 1m |
|
||||||
| `enableLeaderElection` | Enable election configuration | true |
|
| `enableLeaderElection` | Enable election configuration | true |
|
||||||
| `leaderElectionId` | Set the election ID for the controller group | |
|
| `leaderElectionId` | Set the election ID for the controller group | |
|
||||||
| `githubEnterpriseServerURL` | Set the URL for a self-hosted GitHub Enterprise Server | |
|
| `githubEnterpriseServerURL` | Set the URL for a self-hosted GitHub Enterprise Server | |
|
||||||
| `githubURL` | Override GitHub URL to be used for GitHub API calls | |
|
| `githubURL` | Override GitHub URL to be used for GitHub API calls | |
|
||||||
| `githubUploadURL` | Override GitHub Upload URL to be used for GitHub API calls | |
|
| `githubUploadURL` | Override GitHub Upload URL to be used for GitHub API calls | |
|
||||||
| `runnerGithubURL` | Override GitHub URL to be used by runners during registration | |
|
| `runnerGithubURL` | Override GitHub URL to be used by runners during registration | |
|
||||||
| `logLevel` | Set the log level of the controller container | |
|
| `logLevel` | Set the log level of the controller container | |
|
||||||
| `logFormat` | Set the log format of the controller. Valid options are "text" and "json" | text |
|
| `logFormat` | Set the log format of the controller. Valid options are "text" and "json" | text |
|
||||||
| `additionalVolumes` | Set additional volumes to add to the manager container | |
|
| `additionalVolumes` | Set additional volumes to add to the manager container | |
|
||||||
| `additionalVolumeMounts` | Set additional volume mounts to add to the manager container | |
|
| `additionalVolumeMounts` | Set additional volume mounts to add to the manager container | |
|
||||||
| `authSecret.create` | Deploy the controller auth secret | false |
|
| `authSecret.create` | Deploy the controller auth secret | false |
|
||||||
| `authSecret.name` | Set the name of the auth secret | controller-manager |
|
| `authSecret.name` | Set the name of the auth secret | controller-manager |
|
||||||
| `authSecret.annotations` | Set annotations for the auth Secret | |
|
| `authSecret.annotations` | Set annotations for the auth Secret | |
|
||||||
| `authSecret.github_app_id` | The ID of your GitHub App. **This can't be set at the same time as `authSecret.github_token`** | |
|
| `authSecret.github_app_id` | The ID of your GitHub App. **This can't be set at the same time as `authSecret.github_token`** | |
|
||||||
| `authSecret.github_app_installation_id` | The ID of your GitHub App installation. **This can't be set at the same time as `authSecret.github_token`** | |
|
| `authSecret.github_app_installation_id` | The ID of your GitHub App installation. **This can't be set at the same time as `authSecret.github_token`** | |
|
||||||
| `authSecret.github_app_private_key` | The multiline string of your GitHub App's private key. **This can't be set at the same time as `authSecret.github_token`** | |
|
| `authSecret.github_app_private_key` | The multiline string of your GitHub App's private key. **This can't be set at the same time as `authSecret.github_token`** | |
|
||||||
| `authSecret.github_token` | Your chosen GitHub PAT token. **This can't be set at the same time as the `authSecret.github_app_*`** | |
|
| `authSecret.github_token` | Your chosen GitHub PAT token. **This can't be set at the same time as the `authSecret.github_app_*`** | |
|
||||||
| `authSecret.github_basicauth_username` | Username for GitHub basic auth to use instead of PAT or GitHub APP in case it's running behind a proxy API | |
|
| `authSecret.github_basicauth_username` | Username for GitHub basic auth to use instead of PAT or GitHub APP in case it's running behind a proxy API | |
|
||||||
| `authSecret.github_basicauth_password` | Password for GitHub basic auth to use instead of PAT or GitHub APP in case it's running behind a proxy API | |
|
| `authSecret.github_basicauth_password` | Password for GitHub basic auth to use instead of PAT or GitHub APP in case it's running behind a proxy API | |
|
||||||
| `dockerRegistryMirror` | The default Docker Registry Mirror used by runners. | |
|
| `dockerRegistryMirror` | The default Docker Registry Mirror used by runners. | |
|
||||||
| `hostNetwork` | The "hostNetwork" of the controller container | false |
|
| `hostNetwork` | The "hostNetwork" of the controller container | false |
|
||||||
| `dnsPolicy` | The "dnsPolicy" of the controller container | ClusterFirst |
|
| `dnsPolicy` | The "dnsPolicy" of the controller container | ClusterFirst |
|
||||||
| `image.repository` | The "repository/image" of the controller container | summerwind/actions-runner-controller |
|
| `image.repository` | The "repository/image" of the controller container | summerwind/actions-runner-controller |
|
||||||
| `image.tag` | The tag of the controller container | |
|
| `image.tag` | The tag of the controller container | |
|
||||||
| `image.actionsRunnerRepositoryAndTag` | The "repository/image" of the actions runner container | summerwind/actions-runner:latest |
|
| `image.actionsRunnerRepositoryAndTag` | The "repository/image" of the actions runner container | summerwind/actions-runner:latest |
|
||||||
| `image.actionsRunnerImagePullSecrets` | Optional image pull secrets to be included in the runner pod's ImagePullSecrets | |
|
| `image.actionsRunnerImagePullSecrets` | Optional image pull secrets to be included in the runner pod's ImagePullSecrets | |
|
||||||
| `image.dindSidecarRepositoryAndTag` | The "repository/image" of the dind sidecar container | docker:dind |
|
| `image.dindSidecarRepositoryAndTag` | The "repository/image" of the dind sidecar container | docker:dind |
|
||||||
| `image.pullPolicy` | The pull policy of the controller image | IfNotPresent |
|
| `image.pullPolicy` | The pull policy of the controller image | IfNotPresent |
|
||||||
| `metrics.serviceMonitor.enable` | Deploy serviceMonitor kind for for use with prometheus-operator CRDs | false |
|
| `metrics.serviceMonitor.enable` | Deploy serviceMonitor kind for for use with prometheus-operator CRDs | false |
|
||||||
| `metrics.serviceMonitor.interval` | Configure the interval that Prometheus should scrap the controller's metrics | 1m |
|
| `metrics.serviceMonitor.interval` | Configure the interval that Prometheus should scrap the controller's metrics | 1m |
|
||||||
| `metrics.serviceMonitor.timeout` | Configure the timeout the timeout of Prometheus scrapping. | 30s |
|
| `metrics.serviceMonitor.namespace | Namespace which Prometheus is running in | `Release.Namespace` (the default namespace of the helm chart). |
|
||||||
| `metrics.serviceAnnotations` | Set annotations for the provisioned metrics service resource | |
|
| `metrics.serviceMonitor.timeout` | Configure the timeout the timeout of Prometheus scrapping. | 30s |
|
||||||
| `metrics.port` | Set port of metrics service | 8443 |
|
| `metrics.serviceAnnotations` | Set annotations for the provisioned metrics service resource | |
|
||||||
| `metrics.proxy.enabled` | Deploy kube-rbac-proxy container in controller pod | true |
|
| `metrics.port` | Set port of metrics service | 8443 |
|
||||||
| `metrics.proxy.image.repository` | The "repository/image" of the kube-proxy container | quay.io/brancz/kube-rbac-proxy |
|
| `metrics.proxy.enabled` | Deploy kube-rbac-proxy container in controller pod | true |
|
||||||
| `metrics.proxy.image.tag` | The tag of the kube-proxy image to use when pulling the container | v0.13.1 |
|
| `metrics.proxy.image.repository` | The "repository/image" of the kube-proxy container | quay.io/brancz/kube-rbac-proxy |
|
||||||
| `metrics.serviceMonitorLabels` | Set labels to apply to ServiceMonitor resources | |
|
| `metrics.proxy.image.tag` | The tag of the kube-proxy image to use when pulling the container | v0.13.1 |
|
||||||
| `imagePullSecrets` | Specifies the secret to be used when pulling the controller pod containers | |
|
| `metrics.serviceMonitorLabels` | Set labels to apply to ServiceMonitor resources | |
|
||||||
| `fullnameOverride` | Override the full resource names | |
|
| `imagePullSecrets` | Specifies the secret to be used when pulling the controller pod containers | |
|
||||||
| `nameOverride` | Override the resource name prefix | |
|
| `fullnameOverride` | Override the full resource names | |
|
||||||
| `serviceAccount.annotations` | Set annotations to the service account | |
|
| `nameOverride` | Override the resource name prefix | |
|
||||||
| `serviceAccount.create` | Deploy the controller pod under a service account | true |
|
| `serviceAccount.annotations` | Set annotations to the service account | |
|
||||||
| `podAnnotations` | Set annotations for the controller pod | |
|
| `serviceAccount.create` | Deploy the controller pod under a service account | true |
|
||||||
| `podLabels` | Set labels for the controller pod | |
|
| `podAnnotations` | Set annotations for the controller pod | |
|
||||||
| `serviceAccount.name` | Set the name of the service account | |
|
| `podLabels` | Set labels for the controller pod | |
|
||||||
| `securityContext` | Set the security context for each container in the controller pod | |
|
| `serviceAccount.name` | Set the name of the service account | |
|
||||||
| `podSecurityContext` | Set the security context to controller pod | |
|
| `securityContext` | Set the security context for each container in the controller pod | |
|
||||||
| `service.annotations` | Set annotations for the provisioned webhook service resource | |
|
| `podSecurityContext` | Set the security context to controller pod | |
|
||||||
| `service.port` | Set controller service ports | |
|
| `service.annotations` | Set annotations for the provisioned webhook service resource | |
|
||||||
| `service.type` | Set controller service type | |
|
| `service.port` | Set controller service ports | |
|
||||||
| `topologySpreadConstraints` | Set the controller pod topologySpreadConstraints | |
|
| `service.type` | Set controller service type | |
|
||||||
| `nodeSelector` | Set the controller pod nodeSelector | |
|
| `topologySpreadConstraints` | Set the controller pod topologySpreadConstraints | |
|
||||||
| `resources` | Set the controller pod resources | |
|
| `nodeSelector` | Set the controller pod nodeSelector | |
|
||||||
| `affinity` | Set the controller pod affinity rules | |
|
| `resources` | Set the controller pod resources | |
|
||||||
| `podDisruptionBudget.enabled` | Enables a PDB to ensure HA of controller pods | false |
|
| `affinity` | Set the controller pod affinity rules | |
|
||||||
| `podDisruptionBudget.minAvailable` | Minimum number of pods that must be available after eviction | |
|
| `podDisruptionBudget.enabled` | Enables a PDB to ensure HA of controller pods | false |
|
||||||
| `podDisruptionBudget.maxUnavailable` | Maximum number of pods that can be unavailable after eviction. Kubernetes 1.7+ required. | |
|
| `podDisruptionBudget.minAvailable` | Minimum number of pods that must be available after eviction | |
|
||||||
| `tolerations` | Set the controller pod tolerations | |
|
| `podDisruptionBudget.maxUnavailable` | Maximum number of pods that can be unavailable after eviction. Kubernetes 1.7+ required. | |
|
||||||
| `env` | Set environment variables for the controller container | |
|
| `tolerations` | Set the controller pod tolerations | |
|
||||||
| `priorityClassName` | Set the controller pod priorityClassName | |
|
| `env` | Set environment variables for the controller container | |
|
||||||
| `scope.watchNamespace` | Tells the controller and the github webhook server which namespace to watch if `scope.singleNamespace` is true | `Release.Namespace` (the default namespace of the helm chart). |
|
| `priorityClassName` | Set the controller pod priorityClassName | |
|
||||||
| `scope.singleNamespace` | Limit the controller to watch a single namespace | false |
|
| `scope.watchNamespace` | Tells the controller and the github webhook server which namespace to watch if `scope.singleNamespace` is true | `Release.Namespace` (the default namespace of the helm chart). |
|
||||||
| `certManagerEnabled` | Enable cert-manager. If disabled you must set admissionWebHooks.caBundle and create TLS secrets manually | true |
|
| `scope.singleNamespace` | Limit the controller to watch a single namespace | false |
|
||||||
| `runner.statusUpdateHook.enabled` | Use custom RBAC for runners (role, role binding and service account), this will enable reporting runner statuses | false |
|
| `certManagerEnabled` | Enable cert-manager. If disabled you must set admissionWebHooks.caBundle and create TLS secrets manually | true |
|
||||||
| `admissionWebHooks.caBundle` | Base64-encoded PEM bundle containing the CA that signed the webhook's serving certificate | |
|
| `runner.statusUpdateHook.enabled` | Use custom RBAC for runners (role, role binding and service account), this will enable reporting runner statuses | false |
|
||||||
| `githubWebhookServer.logLevel` | Set the log level of the githubWebhookServer container | |
|
| `admissionWebHooks.caBundle` | Base64-encoded PEM bundle containing the CA that signed the webhook's serving certificate | |
|
||||||
| `githubWebhookServer.logFormat` | Set the log format of the githubWebhookServer controller. Valid options are "text" and "json" | text |
|
| `githubWebhookServer.logLevel` | Set the log level of the githubWebhookServer container | |
|
||||||
| `githubWebhookServer.replicaCount` | Set the number of webhook server pods | 1 |
|
| `githubWebhookServer.logFormat` | Set the log format of the githubWebhookServer controller. Valid options are "text" and "json" | text |
|
||||||
| `githubWebhookServer.useRunnerGroupsVisibility` | Enable supporting runner groups with custom visibility, you also need to set `githubWebhookServer.secret.enabled` to enable this feature. | false |
|
| `githubWebhookServer.replicaCount` | Set the number of webhook server pods | 1 |
|
||||||
| `githubWebhookServer.enabled` | Deploy the webhook server pod | false |
|
| `githubWebhookServer.useRunnerGroupsVisibility` | Enable supporting runner groups with custom visibility, you also need to set `githubWebhookServer.secret.enabled` to enable this feature. | false |
|
||||||
| `githubWebhookServer.queueLimit` | Set the queue size limit in the githubWebhookServer | |
|
| `githubWebhookServer.enabled` | Deploy the webhook server pod | false |
|
||||||
| `githubWebhookServer.secret.enabled` | Passes the webhook hook secret to the github-webhook-server | false |
|
| `githubWebhookServer.queueLimit` | Set the queue size limit in the githubWebhookServer | |
|
||||||
| `githubWebhookServer.secret.create` | Deploy the webhook hook secret | false |
|
| `githubWebhookServer.secret.enabled` | Passes the webhook hook secret to the github-webhook-server | false |
|
||||||
| `githubWebhookServer.secret.name` | Set the name of the webhook hook secret | github-webhook-server |
|
| `githubWebhookServer.secret.create` | Deploy the webhook hook secret | false |
|
||||||
| `githubWebhookServer.secret.github_webhook_secret_token` | Set the webhook secret token value | |
|
| `githubWebhookServer.secret.name` | Set the name of the webhook hook secret | github-webhook-server |
|
||||||
| `githubWebhookServer.imagePullSecrets` | Specifies the secret to be used when pulling the githubWebhookServer pod containers | |
|
| `githubWebhookServer.secret.github_webhook_secret_token` | Set the webhook secret token value | |
|
||||||
| `githubWebhookServer.nameOverride` | Override the resource name prefix | |
|
| `githubWebhookServer.imagePullSecrets` | Specifies the secret to be used when pulling the githubWebhookServer pod containers | |
|
||||||
| `githubWebhookServer.fullnameOverride` | Override the full resource names | |
|
| `githubWebhookServer.nameOverride` | Override the resource name prefix | |
|
||||||
| `githubWebhookServer.serviceAccount.create` | Deploy the githubWebhookServer under a service account | true |
|
| `githubWebhookServer.fullnameOverride` | Override the full resource names | |
|
||||||
| `githubWebhookServer.serviceAccount.annotations` | Set annotations for the service account | |
|
| `githubWebhookServer.serviceAccount.create` | Deploy the githubWebhookServer under a service account | true |
|
||||||
| `githubWebhookServer.serviceAccount.name` | Set the service account name | |
|
| `githubWebhookServer.serviceAccount.annotations` | Set annotations for the service account | |
|
||||||
| `githubWebhookServer.podAnnotations` | Set annotations for the githubWebhookServer pod | |
|
| `githubWebhookServer.serviceAccount.name` | Set the service account name | |
|
||||||
| `githubWebhookServer.podLabels` | Set labels for the githubWebhookServer pod | |
|
| `githubWebhookServer.podAnnotations` | Set annotations for the githubWebhookServer pod | |
|
||||||
| `githubWebhookServer.podSecurityContext` | Set the security context to githubWebhookServer pod | |
|
| `githubWebhookServer.podLabels` | Set labels for the githubWebhookServer pod | |
|
||||||
| `githubWebhookServer.securityContext` | Set the security context for each container in the githubWebhookServer pod | |
|
| `githubWebhookServer.podSecurityContext` | Set the security context to githubWebhookServer pod | |
|
||||||
| `githubWebhookServer.resources` | Set the githubWebhookServer pod resources | |
|
| `githubWebhookServer.securityContext` | Set the security context for each container in the githubWebhookServer pod | |
|
||||||
| `githubWebhookServer.topologySpreadConstraints` | Set the githubWebhookServer pod topologySpreadConstraints | |
|
| `githubWebhookServer.resources` | Set the githubWebhookServer pod resources | |
|
||||||
| `githubWebhookServer.nodeSelector` | Set the githubWebhookServer pod nodeSelector | |
|
| `githubWebhookServer.topologySpreadConstraints` | Set the githubWebhookServer pod topologySpreadConstraints | |
|
||||||
| `githubWebhookServer.tolerations` | Set the githubWebhookServer pod tolerations | |
|
| `githubWebhookServer.nodeSelector` | Set the githubWebhookServer pod nodeSelector | |
|
||||||
| `githubWebhookServer.affinity` | Set the githubWebhookServer pod affinity rules | |
|
| `githubWebhookServer.tolerations` | Set the githubWebhookServer pod tolerations | |
|
||||||
| `githubWebhookServer.priorityClassName` | Set the githubWebhookServer pod priorityClassName | |
|
| `githubWebhookServer.affinity` | Set the githubWebhookServer pod affinity rules | |
|
||||||
| `githubWebhookServer.terminationGracePeriodSeconds` | Set the githubWebhookServer pod terminationGracePeriodSeconds. Useful when using preStop hooks to drain/sleep. | `10` |
|
| `githubWebhookServer.priorityClassName` | Set the githubWebhookServer pod priorityClassName | |
|
||||||
| `githubWebhookServer.lifecycle` | Set the githubWebhookServer pod lifecycle hooks | `{}` |
|
| `githubWebhookServer.terminationGracePeriodSeconds` | Set the githubWebhookServer pod terminationGracePeriodSeconds. Useful when using preStop hooks to drain/sleep. | `10` |
|
||||||
| `githubWebhookServer.service.type` | Set githubWebhookServer service type | |
|
| `githubWebhookServer.lifecycle` | Set the githubWebhookServer pod lifecycle hooks | `{}` |
|
||||||
| `githubWebhookServer.service.ports` | Set githubWebhookServer service ports | `[{"port":80, "targetPort:"http", "protocol":"TCP", "name":"http"}]` |
|
| `githubWebhookServer.service.type` | Set githubWebhookServer service type | |
|
||||||
| `githubWebhookServer.service.loadBalancerSourceRanges` | Set githubWebhookServer loadBalancerSourceRanges for restricting loadBalancer type services | `[]` |
|
| `githubWebhookServer.service.ports` | Set githubWebhookServer service ports | `[{"port":80, "targetPort:"http", "protocol":"TCP", "name":"http"}]` |
|
||||||
| `githubWebhookServer.ingress.enabled` | Deploy an ingress kind for the githubWebhookServer | false |
|
| `githubWebhookServer.service.loadBalancerSourceRanges` | Set githubWebhookServer loadBalancerSourceRanges for restricting loadBalancer type services | `[]` |
|
||||||
| `githubWebhookServer.ingress.annotations` | Set annotations for the ingress kind | |
|
| `githubWebhookServer.ingress.enabled` | Deploy an ingress kind for the githubWebhookServer | false |
|
||||||
| `githubWebhookServer.ingress.hosts` | Set hosts configuration for ingress | `[{"host": "chart-example.local", "paths": []}]` |
|
| `githubWebhookServer.ingress.annotations` | Set annotations for the ingress kind | |
|
||||||
| `githubWebhookServer.ingress.tls` | Set tls configuration for ingress | |
|
| `githubWebhookServer.ingress.hosts` | Set hosts configuration for ingress | `[{"host": "chart-example.local", "paths": []}]` |
|
||||||
| `githubWebhookServer.ingress.ingressClassName` | Set ingress class name | |
|
| `githubWebhookServer.ingress.tls` | Set tls configuration for ingress | |
|
||||||
| `githubWebhookServer.podDisruptionBudget.enabled` | Enables a PDB to ensure HA of githubwebhook pods | false |
|
| `githubWebhookServer.ingress.ingressClassName` | Set ingress class name | |
|
||||||
| `githubWebhookServer.podDisruptionBudget.minAvailable` | Minimum number of pods that must be available after eviction | |
|
| `githubWebhookServer.podDisruptionBudget.enabled` | Enables a PDB to ensure HA of githubwebhook pods | false |
|
||||||
| `githubWebhookServer.podDisruptionBudget.maxUnavailable` | Maximum number of pods that can be unavailable after eviction. Kubernetes 1.7+ required. | |
|
| `githubWebhookServer.podDisruptionBudget.minAvailable` | Minimum number of pods that must be available after eviction | |
|
||||||
| `actionsMetricsServer.logLevel` | Set the log level of the actionsMetricsServer container | |
|
| `githubWebhookServer.podDisruptionBudget.maxUnavailable` | Maximum number of pods that can be unavailable after eviction. Kubernetes 1.7+ required. | |
|
||||||
| `actionsMetricsServer.logFormat` | Set the log format of the actionsMetricsServer controller. Valid options are "text" and "json" | text |
|
| `actionsMetricsServer.logLevel` | Set the log level of the actionsMetricsServer container | |
|
||||||
| `actionsMetricsServer.enabled` | Deploy the actions metrics server pod | false |
|
| `actionsMetricsServer.logFormat` | Set the log format of the actionsMetricsServer controller. Valid options are "text" and "json" | text |
|
||||||
|
| `actionsMetricsServer.enabled` | Deploy the actions metrics server pod | false |
|
||||||
| `actionsMetricsServer.secret.enabled` | Passes the webhook hook secret to the actions-metrics-server | false |
|
| `actionsMetricsServer.secret.enabled` | Passes the webhook hook secret to the actions-metrics-server | false |
|
||||||
| `actionsMetricsServer.secret.create` | Deploy the webhook hook secret | false |
|
| `actionsMetricsServer.secret.create` | Deploy the webhook hook secret | false |
|
||||||
| `actionsMetricsServer.secret.name` | Set the name of the webhook hook secret | actions-metrics-server |
|
| `actionsMetricsServer.secret.name` | Set the name of the webhook hook secret | actions-metrics-server |
|
||||||
| `actionsMetricsServer.secret.github_webhook_secret_token` | Set the webhook secret token value | |
|
| `actionsMetricsServer.secret.github_webhook_secret_token` | Set the webhook secret token value | |
|
||||||
| `actionsMetricsServer.imagePullSecrets` | Specifies the secret to be used when pulling the actionsMetricsServer pod containers | |
|
| `actionsMetricsServer.imagePullSecrets` | Specifies the secret to be used when pulling the actionsMetricsServer pod containers | |
|
||||||
| `actionsMetricsServer.nameOverride` | Override the resource name prefix | |
|
| `actionsMetricsServer.nameOverride` | Override the resource name prefix | |
|
||||||
| `actionsMetricsServer.fullnameOverride` | Override the full resource names | |
|
| `actionsMetricsServer.fullnameOverride` | Override the full resource names | |
|
||||||
| `actionsMetricsServer.serviceAccount.create` | Deploy the actionsMetricsServer under a service account | true |
|
| `actionsMetricsServer.serviceAccount.create` | Deploy the actionsMetricsServer under a service account | true |
|
||||||
| `actionsMetricsServer.serviceAccount.annotations` | Set annotations for the service account | |
|
| `actionsMetricsServer.serviceAccount.annotations` | Set annotations for the service account | |
|
||||||
| `actionsMetricsServer.serviceAccount.name` | Set the service account name | |
|
| `actionsMetricsServer.serviceAccount.name` | Set the service account name | |
|
||||||
| `actionsMetricsServer.podAnnotations` | Set annotations for the actionsMetricsServer pod | |
|
| `actionsMetricsServer.podAnnotations` | Set annotations for the actionsMetricsServer pod | |
|
||||||
| `actionsMetricsServer.podLabels` | Set labels for the actionsMetricsServer pod | |
|
| `actionsMetricsServer.podLabels` | Set labels for the actionsMetricsServer pod | |
|
||||||
| `actionsMetricsServer.podSecurityContext` | Set the security context to actionsMetricsServer pod | |
|
| `actionsMetricsServer.podSecurityContext` | Set the security context to actionsMetricsServer pod | |
|
||||||
| `actionsMetricsServer.securityContext` | Set the security context for each container in the actionsMetricsServer pod | |
|
| `actionsMetricsServer.securityContext` | Set the security context for each container in the actionsMetricsServer pod | |
|
||||||
| `actionsMetricsServer.resources` | Set the actionsMetricsServer pod resources | |
|
| `actionsMetricsServer.resources` | Set the actionsMetricsServer pod resources | |
|
||||||
| `actionsMetricsServer.topologySpreadConstraints` | Set the actionsMetricsServer pod topologySpreadConstraints | |
|
| `actionsMetricsServer.topologySpreadConstraints` | Set the actionsMetricsServer pod topologySpreadConstraints | |
|
||||||
| `actionsMetricsServer.nodeSelector` | Set the actionsMetricsServer pod nodeSelector | |
|
| `actionsMetricsServer.nodeSelector` | Set the actionsMetricsServer pod nodeSelector | |
|
||||||
| `actionsMetricsServer.tolerations` | Set the actionsMetricsServer pod tolerations | |
|
| `actionsMetricsServer.tolerations` | Set the actionsMetricsServer pod tolerations | |
|
||||||
| `actionsMetricsServer.affinity` | Set the actionsMetricsServer pod affinity rules | |
|
| `actionsMetricsServer.affinity` | Set the actionsMetricsServer pod affinity rules | |
|
||||||
| `actionsMetricsServer.priorityClassName` | Set the actionsMetricsServer pod priorityClassName | |
|
| `actionsMetricsServer.priorityClassName` | Set the actionsMetricsServer pod priorityClassName | |
|
||||||
| `actionsMetricsServer.terminationGracePeriodSeconds` | Set the actionsMetricsServer pod terminationGracePeriodSeconds. Useful when using preStop hooks to drain/sleep. | `10` |
|
| `actionsMetricsServer.terminationGracePeriodSeconds` | Set the actionsMetricsServer pod terminationGracePeriodSeconds. Useful when using preStop hooks to drain/sleep. | `10` |
|
||||||
| `actionsMetricsServer.lifecycle` | Set the actionsMetricsServer pod lifecycle hooks | `{}` |
|
| `actionsMetricsServer.lifecycle` | Set the actionsMetricsServer pod lifecycle hooks | `{}` |
|
||||||
| `actionsMetricsServer.service.type` | Set actionsMetricsServer service type | |
|
| `actionsMetricsServer.service.type` | Set actionsMetricsServer service type | |
|
||||||
| `actionsMetricsServer.service.ports` | Set actionsMetricsServer service ports | `[{"port":80, "targetPort:"http", "protocol":"TCP", "name":"http"}]` |
|
| `actionsMetricsServer.service.ports` | Set actionsMetricsServer service ports | `[{"port":80, "targetPort:"http", "protocol":"TCP", "name":"http"}]` |
|
||||||
| `actionsMetricsServer.service.loadBalancerSourceRanges` | Set actionsMetricsServer loadBalancerSourceRanges for restricting loadBalancer type services | `[]` |
|
| `actionsMetricsServer.service.loadBalancerSourceRanges` | Set actionsMetricsServer loadBalancerSourceRanges for restricting loadBalancer type services | `[]` |
|
||||||
| `actionsMetricsServer.ingress.enabled` | Deploy an ingress kind for the actionsMetricsServer | false |
|
| `actionsMetricsServer.ingress.enabled` | Deploy an ingress kind for the actionsMetricsServer | false |
|
||||||
| `actionsMetricsServer.ingress.annotations` | Set annotations for the ingress kind | |
|
| `actionsMetricsServer.ingress.annotations` | Set annotations for the ingress kind | |
|
||||||
| `actionsMetricsServer.ingress.hosts` | Set hosts configuration for ingress | `[{"host": "chart-example.local", "paths": []}]` |
|
| `actionsMetricsServer.ingress.hosts` | Set hosts configuration for ingress | `[{"host": "chart-example.local", "paths": []}]` |
|
||||||
| `actionsMetricsServer.ingress.tls` | Set tls configuration for ingress | |
|
| `actionsMetricsServer.ingress.tls` | Set tls configuration for ingress | |
|
||||||
| `actionsMetricsServer.ingress.ingressClassName` | Set ingress class name | |
|
| `actionsMetricsServer.ingress.ingressClassName` | Set ingress class name | |
|
||||||
| `actionsMetrics.serviceMonitor.enable` | Deploy serviceMonitor kind for for use with prometheus-operator CRDs | false |
|
| `actionsMetrics.serviceMonitor.enable` | Deploy serviceMonitor kind for for use with prometheus-operator CRDs | false |
|
||||||
| `actionsMetrics.serviceMonitor.interval` | Configure the interval that Prometheus should scrap the controller's metrics | 1m |
|
| `actionsMetrics.serviceMonitor.interval` | Configure the interval that Prometheus should scrap the controller's metrics | 1m |
|
||||||
| `actionsMetrics.serviceMonitor.timeout` | Configure the timeout the timeout of Prometheus scrapping. | 30s |
|
| `actionsMetrics.serviceMonitor.namespace` | Namespace which Prometheus is running in. | `Release.Namespace` (the default namespace of the helm chart). |
|
||||||
| `actionsMetrics.serviceAnnotations` | Set annotations for the provisioned actions metrics service resource | |
|
| `actionsMetrics.serviceMonitor.timeout` | Configure the timeout the timeout of Prometheus scrapping. | 30s |
|
||||||
| `actionsMetrics.port` | Set port of actions metrics service | 8443 |
|
| `actionsMetrics.serviceAnnotations` | Set annotations for the provisioned actions metrics service resource | |
|
||||||
|
| `actionsMetrics.port` | Set port of actions metrics service | 8443 |
|
||||||
| `actionsMetrics.proxy.enabled` | Deploy kube-rbac-proxy container in controller pod | true |
|
| `actionsMetrics.proxy.enabled` | Deploy kube-rbac-proxy container in controller pod | true |
|
||||||
| `actionsMetrics.proxy.image.repository` | The "repository/image" of the kube-proxy container | quay.io/brancz/kube-rbac-proxy |
|
| `actionsMetrics.proxy.image.repository` | The "repository/image" of the kube-proxy container | quay.io/brancz/kube-rbac-proxy |
|
||||||
| `actionsMetrics.proxy.image.tag` | The tag of the kube-proxy image to use when pulling the container | v0.13.1 |
|
| `actionsMetrics.proxy.image.tag` | The tag of the kube-proxy image to use when pulling the container | v0.13.1 |
|
||||||
|
|||||||
@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
metadata:
|
metadata:
|
||||||
annotations:
|
annotations:
|
||||||
controller-gen.kubebuilder.io/version: v0.11.3
|
controller-gen.kubebuilder.io/version: v0.13.0
|
||||||
creationTimestamp: null
|
|
||||||
name: horizontalrunnerautoscalers.actions.summerwind.dev
|
name: horizontalrunnerautoscalers.actions.summerwind.dev
|
||||||
spec:
|
spec:
|
||||||
group: actions.summerwind.dev
|
group: actions.summerwind.dev
|
||||||
|
|||||||
@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
metadata:
|
metadata:
|
||||||
annotations:
|
annotations:
|
||||||
controller-gen.kubebuilder.io/version: v0.11.3
|
controller-gen.kubebuilder.io/version: v0.13.0
|
||||||
creationTimestamp: null
|
|
||||||
name: runnerdeployments.actions.summerwind.dev
|
name: runnerdeployments.actions.summerwind.dev
|
||||||
spec:
|
spec:
|
||||||
group: actions.summerwind.dev
|
group: actions.summerwind.dev
|
||||||
@@ -767,7 +766,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -832,7 +831,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -891,7 +890,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -915,7 +914,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1027,7 +1026,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1051,7 +1050,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1112,11 +1111,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1143,9 +1159,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -1208,7 +1227,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -1226,7 +1245,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -1250,7 +1269,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1274,7 +1293,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1557,7 +1576,7 @@ spec:
|
|||||||
description: ResourceRequirements describes the compute resource requirements.
|
description: ResourceRequirements describes the compute resource requirements.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1584,7 +1603,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
dockerdWithinRunnerContainer:
|
dockerdWithinRunnerContainer:
|
||||||
@@ -1873,7 +1892,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1938,7 +1957,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1997,7 +2016,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2021,7 +2040,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2133,7 +2152,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2157,7 +2176,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2218,11 +2237,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -2249,9 +2285,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
||||||
properties:
|
properties:
|
||||||
@@ -2314,7 +2353,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2332,7 +2371,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2356,7 +2395,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2380,7 +2419,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2714,7 +2753,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2779,7 +2818,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2838,7 +2877,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2862,7 +2901,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2974,7 +3013,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2998,7 +3037,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3059,11 +3098,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -3090,9 +3146,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -3155,7 +3214,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -3173,7 +3232,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -3197,7 +3256,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -3221,7 +3280,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3368,7 +3427,7 @@ spec:
|
|||||||
description: ResourceRequirements describes the compute resource requirements.
|
description: ResourceRequirements describes the compute resource requirements.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -3395,7 +3454,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
runtimeClassName:
|
runtimeClassName:
|
||||||
@@ -3442,7 +3501,7 @@ spec:
|
|||||||
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -3482,7 +3541,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -3654,7 +3713,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3719,7 +3778,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3778,7 +3837,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -3802,7 +3861,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3914,7 +3973,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -3938,7 +3997,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3999,11 +4058,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -4030,9 +4106,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -4095,7 +4174,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -4113,7 +4192,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -4137,7 +4216,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -4161,7 +4240,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -4349,7 +4428,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
x-kubernetes-map-type: atomic
|
x-kubernetes-map-type: atomic
|
||||||
matchLabelKeys:
|
matchLabelKeys:
|
||||||
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
|
description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
@@ -4663,7 +4742,7 @@ spec:
|
|||||||
anyOf:
|
anyOf:
|
||||||
- type: integer
|
- type: integer
|
||||||
- type: string
|
- type: string
|
||||||
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
|
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
type: object
|
type: object
|
||||||
@@ -4741,7 +4820,7 @@ spec:
|
|||||||
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -4768,7 +4847,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
selector:
|
selector:
|
||||||
@@ -5391,7 +5470,7 @@ spec:
|
|||||||
description: ResourceRequirements describes the compute resource requirements.
|
description: ResourceRequirements describes the compute resource requirements.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -5418,7 +5497,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
storageClassName:
|
storageClassName:
|
||||||
|
|||||||
@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
metadata:
|
metadata:
|
||||||
annotations:
|
annotations:
|
||||||
controller-gen.kubebuilder.io/version: v0.11.3
|
controller-gen.kubebuilder.io/version: v0.13.0
|
||||||
creationTimestamp: null
|
|
||||||
name: runnerreplicasets.actions.summerwind.dev
|
name: runnerreplicasets.actions.summerwind.dev
|
||||||
spec:
|
spec:
|
||||||
group: actions.summerwind.dev
|
group: actions.summerwind.dev
|
||||||
@@ -749,7 +748,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -814,7 +813,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -873,7 +872,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -897,7 +896,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1009,7 +1008,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1033,7 +1032,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1094,11 +1093,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1125,9 +1141,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -1190,7 +1209,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -1208,7 +1227,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -1232,7 +1251,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1256,7 +1275,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1539,7 +1558,7 @@ spec:
|
|||||||
description: ResourceRequirements describes the compute resource requirements.
|
description: ResourceRequirements describes the compute resource requirements.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1566,7 +1585,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
dockerdWithinRunnerContainer:
|
dockerdWithinRunnerContainer:
|
||||||
@@ -1855,7 +1874,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1920,7 +1939,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1979,7 +1998,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2003,7 +2022,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2115,7 +2134,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2139,7 +2158,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2200,11 +2219,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -2231,9 +2267,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
||||||
properties:
|
properties:
|
||||||
@@ -2296,7 +2335,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2314,7 +2353,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2338,7 +2377,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2362,7 +2401,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2696,7 +2735,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2761,7 +2800,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2820,7 +2859,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2844,7 +2883,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2956,7 +2995,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2980,7 +3019,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3041,11 +3080,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -3072,9 +3128,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -3137,7 +3196,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -3155,7 +3214,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -3179,7 +3238,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -3203,7 +3262,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3350,7 +3409,7 @@ spec:
|
|||||||
description: ResourceRequirements describes the compute resource requirements.
|
description: ResourceRequirements describes the compute resource requirements.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -3377,7 +3436,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
runtimeClassName:
|
runtimeClassName:
|
||||||
@@ -3424,7 +3483,7 @@ spec:
|
|||||||
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -3464,7 +3523,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -3636,7 +3695,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3701,7 +3760,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3760,7 +3819,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -3784,7 +3843,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3896,7 +3955,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -3920,7 +3979,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3981,11 +4040,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -4012,9 +4088,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -4077,7 +4156,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -4095,7 +4174,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -4119,7 +4198,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -4143,7 +4222,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -4331,7 +4410,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
x-kubernetes-map-type: atomic
|
x-kubernetes-map-type: atomic
|
||||||
matchLabelKeys:
|
matchLabelKeys:
|
||||||
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
|
description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
@@ -4645,7 +4724,7 @@ spec:
|
|||||||
anyOf:
|
anyOf:
|
||||||
- type: integer
|
- type: integer
|
||||||
- type: string
|
- type: string
|
||||||
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
|
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
type: object
|
type: object
|
||||||
@@ -4723,7 +4802,7 @@ spec:
|
|||||||
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -4750,7 +4829,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
selector:
|
selector:
|
||||||
@@ -5373,7 +5452,7 @@ spec:
|
|||||||
description: ResourceRequirements describes the compute resource requirements.
|
description: ResourceRequirements describes the compute resource requirements.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -5400,7 +5479,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
storageClassName:
|
storageClassName:
|
||||||
|
|||||||
@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
metadata:
|
metadata:
|
||||||
annotations:
|
annotations:
|
||||||
controller-gen.kubebuilder.io/version: v0.11.3
|
controller-gen.kubebuilder.io/version: v0.13.0
|
||||||
creationTimestamp: null
|
|
||||||
name: runners.actions.summerwind.dev
|
name: runners.actions.summerwind.dev
|
||||||
spec:
|
spec:
|
||||||
group: actions.summerwind.dev
|
group: actions.summerwind.dev
|
||||||
@@ -701,7 +700,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -766,7 +765,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -825,7 +824,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -849,7 +848,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -961,7 +960,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -985,7 +984,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1046,11 +1045,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1077,9 +1093,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -1142,7 +1161,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -1160,7 +1179,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -1184,7 +1203,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1208,7 +1227,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1491,7 +1510,7 @@ spec:
|
|||||||
description: ResourceRequirements describes the compute resource requirements.
|
description: ResourceRequirements describes the compute resource requirements.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1518,7 +1537,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
dockerdWithinRunnerContainer:
|
dockerdWithinRunnerContainer:
|
||||||
@@ -1807,7 +1826,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1872,7 +1891,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1931,7 +1950,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1955,7 +1974,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2067,7 +2086,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2091,7 +2110,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2152,11 +2171,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -2183,9 +2219,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
||||||
properties:
|
properties:
|
||||||
@@ -2248,7 +2287,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2266,7 +2305,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2290,7 +2329,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2314,7 +2353,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2648,7 +2687,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2713,7 +2752,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2772,7 +2811,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2796,7 +2835,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2908,7 +2947,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2932,7 +2971,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2993,11 +3032,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -3024,9 +3080,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -3089,7 +3148,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -3107,7 +3166,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -3131,7 +3190,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -3155,7 +3214,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3302,7 +3361,7 @@ spec:
|
|||||||
description: ResourceRequirements describes the compute resource requirements.
|
description: ResourceRequirements describes the compute resource requirements.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -3329,7 +3388,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
runtimeClassName:
|
runtimeClassName:
|
||||||
@@ -3376,7 +3435,7 @@ spec:
|
|||||||
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -3416,7 +3475,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -3588,7 +3647,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3653,7 +3712,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3712,7 +3771,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -3736,7 +3795,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3848,7 +3907,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -3872,7 +3931,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3933,11 +3992,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -3964,9 +4040,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -4029,7 +4108,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -4047,7 +4126,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -4071,7 +4150,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -4095,7 +4174,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -4283,7 +4362,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
x-kubernetes-map-type: atomic
|
x-kubernetes-map-type: atomic
|
||||||
matchLabelKeys:
|
matchLabelKeys:
|
||||||
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
|
description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
@@ -4597,7 +4676,7 @@ spec:
|
|||||||
anyOf:
|
anyOf:
|
||||||
- type: integer
|
- type: integer
|
||||||
- type: string
|
- type: string
|
||||||
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
|
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
type: object
|
type: object
|
||||||
@@ -4675,7 +4754,7 @@ spec:
|
|||||||
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -4702,7 +4781,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
selector:
|
selector:
|
||||||
@@ -5325,7 +5404,7 @@ spec:
|
|||||||
description: ResourceRequirements describes the compute resource requirements.
|
description: ResourceRequirements describes the compute resource requirements.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -5352,7 +5431,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
storageClassName:
|
storageClassName:
|
||||||
|
|||||||
@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
metadata:
|
metadata:
|
||||||
annotations:
|
annotations:
|
||||||
controller-gen.kubebuilder.io/version: v0.11.3
|
controller-gen.kubebuilder.io/version: v0.13.0
|
||||||
creationTimestamp: null
|
|
||||||
name: runnersets.actions.summerwind.dev
|
name: runnersets.actions.summerwind.dev
|
||||||
spec:
|
spec:
|
||||||
group: actions.summerwind.dev
|
group: actions.summerwind.dev
|
||||||
@@ -97,7 +96,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
ordinals:
|
ordinals:
|
||||||
description: ordinals controls the numbering of replica indices in a StatefulSet. The default ordinals behavior assigns a "0" index to the first replica and increments the index by one for each additional replica requested. Using the ordinals field requires the StatefulSetStartOrdinal feature gate to be enabled, which is alpha.
|
description: ordinals controls the numbering of replica indices in a StatefulSet. The default ordinals behavior assigns a "0" index to the first replica and increments the index by one for each additional replica requested. Using the ordinals field requires the StatefulSetStartOrdinal feature gate to be enabled, which is beta.
|
||||||
properties:
|
properties:
|
||||||
start:
|
start:
|
||||||
description: 'start is the number representing the first replica''s index. It may be used to number replicas from an alternate index (eg: 1-indexed) over the default 0-indexed names, or to orchestrate progressive movement of replicas from one StatefulSet to another. If set, replica indices will be in the range: [.spec.ordinals.start, .spec.ordinals.start + .spec.replicas). If unset, defaults to 0. Replica indices will be in the range: [0, .spec.replicas).'
|
description: 'start is the number representing the first replica''s index. It may be used to number replicas from an alternate index (eg: 1-indexed) over the default 0-indexed names, or to orchestrate progressive movement of replicas from one StatefulSet to another. If set, replica indices will be in the range: [.spec.ordinals.start, .spec.ordinals.start + .spec.replicas). If unset, defaults to 0. Replica indices will be in the range: [0, .spec.replicas).'
|
||||||
@@ -168,7 +167,7 @@ spec:
|
|||||||
description: 'serviceName is the name of the service that governs this StatefulSet. This service must exist before the StatefulSet, and is responsible for the network identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local where "pod-specific-string" is managed by the StatefulSet controller.'
|
description: 'serviceName is the name of the service that governs this StatefulSet. This service must exist before the StatefulSet, and is responsible for the network identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local where "pod-specific-string" is managed by the StatefulSet controller.'
|
||||||
type: string
|
type: string
|
||||||
template:
|
template:
|
||||||
description: template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet. Each pod will be named with the format <statefulsetname>-<podindex>. For example, a pod in a StatefulSet named "web" with index number "3" would be named "web-3".
|
description: template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet. Each pod will be named with the format <statefulsetname>-<podindex>. For example, a pod in a StatefulSet named "web" with index number "3" would be named "web-3". The only allowed template.spec.restartPolicy value is "Always".
|
||||||
properties:
|
properties:
|
||||||
metadata:
|
metadata:
|
||||||
description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
|
description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
|
||||||
@@ -836,7 +835,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -901,7 +900,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -960,7 +959,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -984,7 +983,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1096,7 +1095,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1120,7 +1119,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1181,11 +1180,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1212,9 +1228,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -1277,7 +1296,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -1295,7 +1314,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -1319,7 +1338,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1343,7 +1362,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1666,7 +1685,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1731,7 +1750,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1790,7 +1809,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1814,7 +1833,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1926,7 +1945,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1950,7 +1969,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2011,11 +2030,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -2042,9 +2078,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
||||||
properties:
|
properties:
|
||||||
@@ -2107,7 +2146,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2125,7 +2164,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2149,7 +2188,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2173,7 +2212,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2508,7 +2547,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2573,7 +2612,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2632,7 +2671,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2656,7 +2695,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2768,7 +2807,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2792,7 +2831,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2853,11 +2892,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -2884,9 +2940,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -2949,7 +3008,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2967,7 +3026,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2991,7 +3050,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -3015,7 +3074,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3206,7 +3265,7 @@ spec:
|
|||||||
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
||||||
type: string
|
type: string
|
||||||
resourceClaimTemplateName:
|
resourceClaimTemplateName:
|
||||||
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be <pod name>-<resource name>, where <resource name> is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). \n An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
@@ -3217,7 +3276,7 @@ spec:
|
|||||||
- name
|
- name
|
||||||
x-kubernetes-list-type: map
|
x-kubernetes-list-type: map
|
||||||
restartPolicy:
|
restartPolicy:
|
||||||
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
||||||
type: string
|
type: string
|
||||||
runtimeClassName:
|
runtimeClassName:
|
||||||
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
||||||
@@ -3226,7 +3285,7 @@ spec:
|
|||||||
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
||||||
type: string
|
type: string
|
||||||
schedulingGates:
|
schedulingGates:
|
||||||
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. More info: https://git.k8s.io/enhancements/keps/sig-scheduling/3521-pod-scheduling-readiness. \n This is an alpha-level feature enabled by PodSchedulingReadiness feature gate."
|
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. \n SchedulingGates can only be set at pod creation time, and be removed only afterwards. \n This is a beta feature enabled by the PodSchedulingReadiness feature gate."
|
||||||
items:
|
items:
|
||||||
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
||||||
properties:
|
properties:
|
||||||
@@ -3281,7 +3340,7 @@ spec:
|
|||||||
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -3321,7 +3380,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -3407,7 +3466,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
x-kubernetes-map-type: atomic
|
x-kubernetes-map-type: atomic
|
||||||
matchLabelKeys:
|
matchLabelKeys:
|
||||||
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
|
description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
@@ -3691,7 +3750,7 @@ spec:
|
|||||||
anyOf:
|
anyOf:
|
||||||
- type: integer
|
- type: integer
|
||||||
- type: string
|
- type: string
|
||||||
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
|
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
type: object
|
type: object
|
||||||
@@ -3769,7 +3828,7 @@ spec:
|
|||||||
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -3796,7 +3855,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
selector:
|
selector:
|
||||||
@@ -4511,7 +4570,7 @@ spec:
|
|||||||
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -4538,7 +4597,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
selector:
|
selector:
|
||||||
@@ -4590,6 +4649,13 @@ spec:
|
|||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
|
allocatedResourceStatuses:
|
||||||
|
additionalProperties:
|
||||||
|
description: When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource that it does not recognizes, then it should ignore that update and let other controllers handle it.
|
||||||
|
type: string
|
||||||
|
description: "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n ClaimResourceStatus can be in any of following states: - ControllerResizeInProgress: State set when resize controller starts resizing the volume in control-plane. - ControllerResizeFailed: State set when resize has failed in resize controller with a terminal error. - NodeResizePending: State set when resize controller has finished resizing the volume but further resizing of volume is needed on the node. - NodeResizeInProgress: State set when kubelet starts resizing the volume. - NodeResizeFailed: State set when resizing has failed in kubelet with a terminal error. Transient errors don't set NodeResizeFailed. For example: if expanding a PVC for more capacity - this field can be one of the following states: - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\" When this field is not set, it means that no resize operation is in progress for the given PVC. \n A controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature."
|
||||||
|
type: object
|
||||||
|
x-kubernetes-map-type: granular
|
||||||
allocatedResources:
|
allocatedResources:
|
||||||
additionalProperties:
|
additionalProperties:
|
||||||
anyOf:
|
anyOf:
|
||||||
@@ -4597,7 +4663,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.
|
description: "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n Capacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. \n A controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature."
|
||||||
type: object
|
type: object
|
||||||
capacity:
|
capacity:
|
||||||
additionalProperties:
|
additionalProperties:
|
||||||
@@ -4611,7 +4677,7 @@ spec:
|
|||||||
conditions:
|
conditions:
|
||||||
description: conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.
|
description: conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.
|
||||||
items:
|
items:
|
||||||
description: PersistentVolumeClaimCondition contails details about state of pvc
|
description: PersistentVolumeClaimCondition contains details about state of pvc
|
||||||
properties:
|
properties:
|
||||||
lastProbeTime:
|
lastProbeTime:
|
||||||
description: lastProbeTime is the time we probed the condition.
|
description: lastProbeTime is the time we probed the condition.
|
||||||
@@ -4640,9 +4706,6 @@ spec:
|
|||||||
phase:
|
phase:
|
||||||
description: phase represents the current phase of PersistentVolumeClaim.
|
description: phase represents the current phase of PersistentVolumeClaim.
|
||||||
type: string
|
type: string
|
||||||
resizeStatus:
|
|
||||||
description: resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.
|
|
||||||
type: string
|
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
@@ -4666,7 +4729,7 @@ spec:
|
|||||||
description: ResourceRequirements describes the compute resource requirements.
|
description: ResourceRequirements describes the compute resource requirements.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -4693,7 +4756,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
storageClassName:
|
storageClassName:
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
{{- if and .Values.actionsMetricsServer.enabled .Values.actionsMetrics.serviceMonitor.enable }}
|
{{- if and .Values.actionsMetricsServer.enabled .Values.actionsMetrics.serviceMonitor.enable }}
|
||||||
|
{{- $servicemonitornamespace := .Values.actionsMetrics.serviceMonitor.namespace | default .Release.Namespace }}
|
||||||
apiVersion: monitoring.coreos.com/v1
|
apiVersion: monitoring.coreos.com/v1
|
||||||
kind: ServiceMonitor
|
kind: ServiceMonitor
|
||||||
metadata:
|
metadata:
|
||||||
@@ -8,7 +9,7 @@ metadata:
|
|||||||
{{- toYaml . | nindent 4 }}
|
{{- toYaml . | nindent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
name: {{ include "actions-runner-controller-actions-metrics-server.serviceMonitorName" . }}
|
name: {{ include "actions-runner-controller-actions-metrics-server.serviceMonitorName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ $servicemonitornamespace }}
|
||||||
spec:
|
spec:
|
||||||
endpoints:
|
endpoints:
|
||||||
- path: /metrics
|
- path: /metrics
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
{{- if and .Values.githubWebhookServer.enabled .Values.metrics.serviceMonitor.enable }}
|
{{- if and .Values.githubWebhookServer.enabled .Values.metrics.serviceMonitor.enable }}
|
||||||
|
{{- $servicemonitornamespace := .Values.actionsMetrics.serviceMonitor.namespace | default .Release.Namespace }}
|
||||||
apiVersion: monitoring.coreos.com/v1
|
apiVersion: monitoring.coreos.com/v1
|
||||||
kind: ServiceMonitor
|
kind: ServiceMonitor
|
||||||
metadata:
|
metadata:
|
||||||
@@ -8,7 +9,7 @@ metadata:
|
|||||||
{{- toYaml . | nindent 4 }}
|
{{- toYaml . | nindent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
name: {{ include "actions-runner-controller-github-webhook-server.serviceMonitorName" . }}
|
name: {{ include "actions-runner-controller-github-webhook-server.serviceMonitorName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ $servicemonitornamespace }}
|
||||||
spec:
|
spec:
|
||||||
endpoints:
|
endpoints:
|
||||||
- path: /metrics
|
- path: /metrics
|
||||||
|
|||||||
@@ -111,6 +111,7 @@ metrics:
|
|||||||
serviceAnnotations: {}
|
serviceAnnotations: {}
|
||||||
serviceMonitor:
|
serviceMonitor:
|
||||||
enable: false
|
enable: false
|
||||||
|
namespace: ""
|
||||||
timeout: 30s
|
timeout: 30s
|
||||||
interval: 1m
|
interval: 1m
|
||||||
serviceMonitorLabels: {}
|
serviceMonitorLabels: {}
|
||||||
@@ -312,6 +313,7 @@ actionsMetrics:
|
|||||||
# to deploy the actions-metrics-server whose k8s service is referenced by the service monitor.
|
# to deploy the actions-metrics-server whose k8s service is referenced by the service monitor.
|
||||||
serviceMonitor:
|
serviceMonitor:
|
||||||
enable: false
|
enable: false
|
||||||
|
namespace: ""
|
||||||
timeout: 30s
|
timeout: 30s
|
||||||
interval: 1m
|
interval: 1m
|
||||||
serviceMonitorLabels: {}
|
serviceMonitorLabels: {}
|
||||||
|
|||||||
@@ -15,13 +15,13 @@ type: application
|
|||||||
# This is the chart version. This version number should be incremented each time you make changes
|
# This is the chart version. This version number should be incremented each time you make changes
|
||||||
# to the chart and its templates, including the app version.
|
# to the chart and its templates, including the app version.
|
||||||
# Versions are expected to follow Semantic Versioning (https://semver.org/)
|
# Versions are expected to follow Semantic Versioning (https://semver.org/)
|
||||||
version: 0.6.0
|
version: 0.7.0
|
||||||
|
|
||||||
# This is the version number of the application being deployed. This version number should be
|
# This is the version number of the application being deployed. This version number should be
|
||||||
# incremented each time you make changes to the application. Versions are not expected to
|
# incremented each time you make changes to the application. Versions are not expected to
|
||||||
# follow Semantic Versioning. They should reflect the version the application is using.
|
# follow Semantic Versioning. They should reflect the version the application is using.
|
||||||
# It is recommended to use it with quotes.
|
# It is recommended to use it with quotes.
|
||||||
appVersion: "0.6.0"
|
appVersion: "0.7.0"
|
||||||
|
|
||||||
home: https://github.com/actions/actions-runner-controller
|
home: https://github.com/actions/actions-runner-controller
|
||||||
|
|
||||||
|
|||||||
@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
metadata:
|
metadata:
|
||||||
annotations:
|
annotations:
|
||||||
controller-gen.kubebuilder.io/version: v0.11.3
|
controller-gen.kubebuilder.io/version: v0.13.0
|
||||||
creationTimestamp: null
|
|
||||||
name: autoscalinglisteners.actions.github.com
|
name: autoscalinglisteners.actions.github.com
|
||||||
spec:
|
spec:
|
||||||
group: actions.github.com
|
group: actions.github.com
|
||||||
@@ -796,7 +795,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -861,7 +860,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -920,7 +919,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -944,7 +943,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1056,7 +1055,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1080,7 +1079,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1141,11 +1140,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1175,9 +1191,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -1240,7 +1259,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -1258,7 +1277,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -1282,7 +1301,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1306,7 +1325,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1629,7 +1648,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1694,7 +1713,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1753,7 +1772,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1777,7 +1796,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1889,7 +1908,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1913,7 +1932,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1974,11 +1993,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -2008,9 +2044,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
||||||
properties:
|
properties:
|
||||||
@@ -2073,7 +2112,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2091,7 +2130,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2115,7 +2154,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2139,7 +2178,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2474,7 +2513,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2539,7 +2578,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2598,7 +2637,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2622,7 +2661,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2734,7 +2773,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2758,7 +2797,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2819,11 +2858,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -2853,9 +2909,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -2918,7 +2977,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2936,7 +2995,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2960,7 +3019,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2984,7 +3043,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3175,7 +3234,7 @@ spec:
|
|||||||
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
||||||
type: string
|
type: string
|
||||||
resourceClaimTemplateName:
|
resourceClaimTemplateName:
|
||||||
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be <pod name>-<resource name>, where <resource name> is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). \n An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
@@ -3186,7 +3245,7 @@ spec:
|
|||||||
- name
|
- name
|
||||||
x-kubernetes-list-type: map
|
x-kubernetes-list-type: map
|
||||||
restartPolicy:
|
restartPolicy:
|
||||||
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
||||||
type: string
|
type: string
|
||||||
runtimeClassName:
|
runtimeClassName:
|
||||||
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
||||||
@@ -3195,7 +3254,7 @@ spec:
|
|||||||
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
||||||
type: string
|
type: string
|
||||||
schedulingGates:
|
schedulingGates:
|
||||||
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. More info: https://git.k8s.io/enhancements/keps/sig-scheduling/3521-pod-scheduling-readiness. \n This is an alpha-level feature enabled by PodSchedulingReadiness feature gate."
|
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. \n SchedulingGates can only be set at pod creation time, and be removed only afterwards. \n This is a beta feature enabled by the PodSchedulingReadiness feature gate."
|
||||||
items:
|
items:
|
||||||
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
||||||
properties:
|
properties:
|
||||||
@@ -3250,7 +3309,7 @@ spec:
|
|||||||
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -3290,7 +3349,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -3376,7 +3435,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
x-kubernetes-map-type: atomic
|
x-kubernetes-map-type: atomic
|
||||||
matchLabelKeys:
|
matchLabelKeys:
|
||||||
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
|
description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
@@ -3660,7 +3719,7 @@ spec:
|
|||||||
anyOf:
|
anyOf:
|
||||||
- type: integer
|
- type: integer
|
||||||
- type: string
|
- type: string
|
||||||
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
|
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
type: object
|
type: object
|
||||||
@@ -3738,7 +3797,7 @@ spec:
|
|||||||
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -3768,7 +3827,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
selector:
|
selector:
|
||||||
|
|||||||
@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
metadata:
|
metadata:
|
||||||
annotations:
|
annotations:
|
||||||
controller-gen.kubebuilder.io/version: v0.11.3
|
controller-gen.kubebuilder.io/version: v0.13.0
|
||||||
creationTimestamp: null
|
|
||||||
name: autoscalingrunnersets.actions.github.com
|
name: autoscalingrunnersets.actions.github.com
|
||||||
spec:
|
spec:
|
||||||
group: actions.github.com
|
group: actions.github.com
|
||||||
@@ -754,7 +753,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -819,7 +818,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -878,7 +877,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -902,7 +901,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1014,7 +1013,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1038,7 +1037,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1099,11 +1098,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1133,9 +1149,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -1198,7 +1217,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -1216,7 +1235,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -1240,7 +1259,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1264,7 +1283,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1587,7 +1606,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1652,7 +1671,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1711,7 +1730,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1735,7 +1754,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1847,7 +1866,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1871,7 +1890,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1932,11 +1951,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1966,9 +2002,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
||||||
properties:
|
properties:
|
||||||
@@ -2031,7 +2070,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2049,7 +2088,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2073,7 +2112,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2097,7 +2136,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2432,7 +2471,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2497,7 +2536,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2556,7 +2595,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2580,7 +2619,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2692,7 +2731,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2716,7 +2755,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2777,11 +2816,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -2811,9 +2867,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -2876,7 +2935,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2894,7 +2953,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2918,7 +2977,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2942,7 +3001,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3133,7 +3192,7 @@ spec:
|
|||||||
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
||||||
type: string
|
type: string
|
||||||
resourceClaimTemplateName:
|
resourceClaimTemplateName:
|
||||||
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be <pod name>-<resource name>, where <resource name> is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). \n An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
@@ -3144,7 +3203,7 @@ spec:
|
|||||||
- name
|
- name
|
||||||
x-kubernetes-list-type: map
|
x-kubernetes-list-type: map
|
||||||
restartPolicy:
|
restartPolicy:
|
||||||
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
||||||
type: string
|
type: string
|
||||||
runtimeClassName:
|
runtimeClassName:
|
||||||
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
||||||
@@ -3153,7 +3212,7 @@ spec:
|
|||||||
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
||||||
type: string
|
type: string
|
||||||
schedulingGates:
|
schedulingGates:
|
||||||
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. More info: https://git.k8s.io/enhancements/keps/sig-scheduling/3521-pod-scheduling-readiness. \n This is an alpha-level feature enabled by PodSchedulingReadiness feature gate."
|
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. \n SchedulingGates can only be set at pod creation time, and be removed only afterwards. \n This is a beta feature enabled by the PodSchedulingReadiness feature gate."
|
||||||
items:
|
items:
|
||||||
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
||||||
properties:
|
properties:
|
||||||
@@ -3208,7 +3267,7 @@ spec:
|
|||||||
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -3248,7 +3307,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -3334,7 +3393,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
x-kubernetes-map-type: atomic
|
x-kubernetes-map-type: atomic
|
||||||
matchLabelKeys:
|
matchLabelKeys:
|
||||||
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
|
description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
@@ -3618,7 +3677,7 @@ spec:
|
|||||||
anyOf:
|
anyOf:
|
||||||
- type: integer
|
- type: integer
|
||||||
- type: string
|
- type: string
|
||||||
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
|
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
type: object
|
type: object
|
||||||
@@ -3696,7 +3755,7 @@ spec:
|
|||||||
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -3726,7 +3785,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
selector:
|
selector:
|
||||||
@@ -5043,7 +5102,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -5108,7 +5167,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -5167,7 +5226,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -5191,7 +5250,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -5303,7 +5362,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -5327,7 +5386,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -5388,11 +5447,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -5419,9 +5495,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -5484,7 +5563,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -5502,7 +5581,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -5526,7 +5605,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -5550,7 +5629,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -5873,7 +5952,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -5938,7 +6017,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -5997,7 +6076,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -6021,7 +6100,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -6133,7 +6212,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -6157,7 +6236,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -6218,11 +6297,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -6249,9 +6345,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
||||||
properties:
|
properties:
|
||||||
@@ -6314,7 +6413,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -6332,7 +6431,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -6356,7 +6455,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -6380,7 +6479,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -6715,7 +6814,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -6780,7 +6879,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -6839,7 +6938,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -6863,7 +6962,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -6975,7 +7074,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -6999,7 +7098,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -7060,11 +7159,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -7091,9 +7207,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -7156,7 +7275,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -7174,7 +7293,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -7198,7 +7317,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -7222,7 +7341,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -7413,7 +7532,7 @@ spec:
|
|||||||
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
||||||
type: string
|
type: string
|
||||||
resourceClaimTemplateName:
|
resourceClaimTemplateName:
|
||||||
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be <pod name>-<resource name>, where <resource name> is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). \n An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
@@ -7424,7 +7543,7 @@ spec:
|
|||||||
- name
|
- name
|
||||||
x-kubernetes-list-type: map
|
x-kubernetes-list-type: map
|
||||||
restartPolicy:
|
restartPolicy:
|
||||||
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
||||||
type: string
|
type: string
|
||||||
runtimeClassName:
|
runtimeClassName:
|
||||||
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
||||||
@@ -7433,7 +7552,7 @@ spec:
|
|||||||
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
||||||
type: string
|
type: string
|
||||||
schedulingGates:
|
schedulingGates:
|
||||||
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. More info: https://git.k8s.io/enhancements/keps/sig-scheduling/3521-pod-scheduling-readiness. \n This is an alpha-level feature enabled by PodSchedulingReadiness feature gate."
|
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. \n SchedulingGates can only be set at pod creation time, and be removed only afterwards. \n This is a beta feature enabled by the PodSchedulingReadiness feature gate."
|
||||||
items:
|
items:
|
||||||
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
||||||
properties:
|
properties:
|
||||||
@@ -7488,7 +7607,7 @@ spec:
|
|||||||
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -7528,7 +7647,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -7614,7 +7733,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
x-kubernetes-map-type: atomic
|
x-kubernetes-map-type: atomic
|
||||||
matchLabelKeys:
|
matchLabelKeys:
|
||||||
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
|
description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
@@ -7898,7 +8017,7 @@ spec:
|
|||||||
anyOf:
|
anyOf:
|
||||||
- type: integer
|
- type: integer
|
||||||
- type: string
|
- type: string
|
||||||
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
|
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
type: object
|
type: object
|
||||||
@@ -7976,7 +8095,7 @@ spec:
|
|||||||
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -8003,7 +8122,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
selector:
|
selector:
|
||||||
|
|||||||
@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
metadata:
|
metadata:
|
||||||
annotations:
|
annotations:
|
||||||
controller-gen.kubebuilder.io/version: v0.11.3
|
controller-gen.kubebuilder.io/version: v0.13.0
|
||||||
creationTimestamp: null
|
|
||||||
name: ephemeralrunners.actions.github.com
|
name: ephemeralrunners.actions.github.com
|
||||||
spec:
|
spec:
|
||||||
group: actions.github.com
|
group: actions.github.com
|
||||||
@@ -779,7 +778,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -844,7 +843,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -903,7 +902,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -927,7 +926,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1039,7 +1038,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1063,7 +1062,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1124,11 +1123,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1155,9 +1171,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -1220,7 +1239,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -1238,7 +1257,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -1262,7 +1281,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1286,7 +1305,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1609,7 +1628,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1674,7 +1693,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1733,7 +1752,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1757,7 +1776,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1869,7 +1888,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1893,7 +1912,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1954,11 +1973,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1985,9 +2021,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
||||||
properties:
|
properties:
|
||||||
@@ -2050,7 +2089,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2068,7 +2107,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2092,7 +2131,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2116,7 +2155,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2451,7 +2490,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2516,7 +2555,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2575,7 +2614,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2599,7 +2638,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2711,7 +2750,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2735,7 +2774,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2796,11 +2835,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -2827,9 +2883,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -2892,7 +2951,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2910,7 +2969,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2934,7 +2993,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2958,7 +3017,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3149,7 +3208,7 @@ spec:
|
|||||||
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
||||||
type: string
|
type: string
|
||||||
resourceClaimTemplateName:
|
resourceClaimTemplateName:
|
||||||
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be <pod name>-<resource name>, where <resource name> is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). \n An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
@@ -3160,7 +3219,7 @@ spec:
|
|||||||
- name
|
- name
|
||||||
x-kubernetes-list-type: map
|
x-kubernetes-list-type: map
|
||||||
restartPolicy:
|
restartPolicy:
|
||||||
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
||||||
type: string
|
type: string
|
||||||
runtimeClassName:
|
runtimeClassName:
|
||||||
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
||||||
@@ -3169,7 +3228,7 @@ spec:
|
|||||||
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
||||||
type: string
|
type: string
|
||||||
schedulingGates:
|
schedulingGates:
|
||||||
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. More info: https://git.k8s.io/enhancements/keps/sig-scheduling/3521-pod-scheduling-readiness. \n This is an alpha-level feature enabled by PodSchedulingReadiness feature gate."
|
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. \n SchedulingGates can only be set at pod creation time, and be removed only afterwards. \n This is a beta feature enabled by the PodSchedulingReadiness feature gate."
|
||||||
items:
|
items:
|
||||||
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
||||||
properties:
|
properties:
|
||||||
@@ -3224,7 +3283,7 @@ spec:
|
|||||||
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -3264,7 +3323,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -3350,7 +3409,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
x-kubernetes-map-type: atomic
|
x-kubernetes-map-type: atomic
|
||||||
matchLabelKeys:
|
matchLabelKeys:
|
||||||
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
|
description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
@@ -3634,7 +3693,7 @@ spec:
|
|||||||
anyOf:
|
anyOf:
|
||||||
- type: integer
|
- type: integer
|
||||||
- type: string
|
- type: string
|
||||||
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
|
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
type: object
|
type: object
|
||||||
@@ -3712,7 +3771,7 @@ spec:
|
|||||||
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -3739,7 +3798,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
selector:
|
selector:
|
||||||
|
|||||||
@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
metadata:
|
metadata:
|
||||||
annotations:
|
annotations:
|
||||||
controller-gen.kubebuilder.io/version: v0.11.3
|
controller-gen.kubebuilder.io/version: v0.13.0
|
||||||
creationTimestamp: null
|
|
||||||
name: ephemeralrunnersets.actions.github.com
|
name: ephemeralrunnersets.actions.github.com
|
||||||
spec:
|
spec:
|
||||||
group: actions.github.com
|
group: actions.github.com
|
||||||
@@ -773,7 +772,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -838,7 +837,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -897,7 +896,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -921,7 +920,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1033,7 +1032,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1057,7 +1056,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1118,11 +1117,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1149,9 +1165,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -1214,7 +1233,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -1232,7 +1251,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -1256,7 +1275,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1280,7 +1299,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1603,7 +1622,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1668,7 +1687,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1727,7 +1746,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1751,7 +1770,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1863,7 +1882,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1887,7 +1906,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1948,11 +1967,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1979,9 +2015,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
||||||
properties:
|
properties:
|
||||||
@@ -2044,7 +2083,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2062,7 +2101,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2086,7 +2125,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2110,7 +2149,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2445,7 +2484,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2510,7 +2549,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2569,7 +2608,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2593,7 +2632,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2705,7 +2744,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2729,7 +2768,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2790,11 +2829,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -2821,9 +2877,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -2886,7 +2945,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2904,7 +2963,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2928,7 +2987,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2952,7 +3011,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3143,7 +3202,7 @@ spec:
|
|||||||
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
||||||
type: string
|
type: string
|
||||||
resourceClaimTemplateName:
|
resourceClaimTemplateName:
|
||||||
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be <pod name>-<resource name>, where <resource name> is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). \n An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
@@ -3154,7 +3213,7 @@ spec:
|
|||||||
- name
|
- name
|
||||||
x-kubernetes-list-type: map
|
x-kubernetes-list-type: map
|
||||||
restartPolicy:
|
restartPolicy:
|
||||||
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
||||||
type: string
|
type: string
|
||||||
runtimeClassName:
|
runtimeClassName:
|
||||||
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
||||||
@@ -3163,7 +3222,7 @@ spec:
|
|||||||
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
||||||
type: string
|
type: string
|
||||||
schedulingGates:
|
schedulingGates:
|
||||||
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. More info: https://git.k8s.io/enhancements/keps/sig-scheduling/3521-pod-scheduling-readiness. \n This is an alpha-level feature enabled by PodSchedulingReadiness feature gate."
|
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. \n SchedulingGates can only be set at pod creation time, and be removed only afterwards. \n This is a beta feature enabled by the PodSchedulingReadiness feature gate."
|
||||||
items:
|
items:
|
||||||
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
||||||
properties:
|
properties:
|
||||||
@@ -3218,7 +3277,7 @@ spec:
|
|||||||
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -3258,7 +3317,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -3344,7 +3403,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
x-kubernetes-map-type: atomic
|
x-kubernetes-map-type: atomic
|
||||||
matchLabelKeys:
|
matchLabelKeys:
|
||||||
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
|
description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
@@ -3628,7 +3687,7 @@ spec:
|
|||||||
anyOf:
|
anyOf:
|
||||||
- type: integer
|
- type: integer
|
||||||
- type: string
|
- type: string
|
||||||
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
|
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
type: object
|
type: object
|
||||||
@@ -3706,7 +3765,7 @@ spec:
|
|||||||
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -3733,7 +3792,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
selector:
|
selector:
|
||||||
|
|||||||
@@ -2,4 +2,3 @@ Thank you for installing {{ .Chart.Name }}.
|
|||||||
|
|
||||||
Your release is named {{ .Release.Name }}.
|
Your release is named {{ .Release.Name }}.
|
||||||
|
|
||||||
WARNING: value specified under image.pullPolicy will be ignored and no longer be applied to the listener pod spec as of gha-runner-scale-set-0.7.0. Please use the listenerTemplate in the gha-runner-scale-set chart to control the image pull policy of the listener.
|
|
||||||
|
|||||||
@@ -48,7 +48,7 @@ app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
|||||||
app.kubernetes.io/part-of: gha-rs-controller
|
app.kubernetes.io/part-of: gha-rs-controller
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||||
{{- range $k, $v := .Values.labels }}
|
{{- range $k, $v := .Values.labels }}
|
||||||
{{ $k }}: {{ $v }}
|
{{ $k }}: {{ $v | quote }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
|||||||
@@ -27,6 +27,9 @@ spec:
|
|||||||
app.kubernetes.io/component: controller-manager
|
app.kubernetes.io/component: controller-manager
|
||||||
app.kubernetes.io/version: {{ .Chart.Version }}
|
app.kubernetes.io/version: {{ .Chart.Version }}
|
||||||
{{- include "gha-runner-scale-set-controller.selectorLabels" . | nindent 8 }}
|
{{- include "gha-runner-scale-set-controller.selectorLabels" . | nindent 8 }}
|
||||||
|
{{- with .Values.podLabels }}
|
||||||
|
{{- toYaml . | nindent 8 }}
|
||||||
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
{{- with .Values.imagePullSecrets }}
|
{{- with .Values.imagePullSecrets }}
|
||||||
imagePullSecrets:
|
imagePullSecrets:
|
||||||
@@ -91,8 +94,6 @@ spec:
|
|||||||
valueFrom:
|
valueFrom:
|
||||||
fieldRef:
|
fieldRef:
|
||||||
fieldPath: metadata.namespace
|
fieldPath: metadata.namespace
|
||||||
- name: CONTROLLER_MANAGER_LISTENER_IMAGE_PULL_POLICY
|
|
||||||
value: "{{ .Values.image.pullPolicy | default "IfNotPresent" }}"
|
|
||||||
{{- with .Values.env }}
|
{{- with .Values.env }}
|
||||||
{{- if kindIs "slice" . }}
|
{{- if kindIs "slice" . }}
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
|
|||||||
@@ -368,14 +368,12 @@ func TestTemplate_ControllerDeployment_Defaults(t *testing.T) {
|
|||||||
}
|
}
|
||||||
assert.ElementsMatch(t, expectedArgs, deployment.Spec.Template.Spec.Containers[0].Args)
|
assert.ElementsMatch(t, expectedArgs, deployment.Spec.Template.Spec.Containers[0].Args)
|
||||||
|
|
||||||
assert.Len(t, deployment.Spec.Template.Spec.Containers[0].Env, 3)
|
assert.Len(t, deployment.Spec.Template.Spec.Containers[0].Env, 2)
|
||||||
assert.Equal(t, "CONTROLLER_MANAGER_CONTAINER_IMAGE", deployment.Spec.Template.Spec.Containers[0].Env[0].Name)
|
assert.Equal(t, "CONTROLLER_MANAGER_CONTAINER_IMAGE", deployment.Spec.Template.Spec.Containers[0].Env[0].Name)
|
||||||
assert.Equal(t, managerImage, deployment.Spec.Template.Spec.Containers[0].Env[0].Value)
|
assert.Equal(t, managerImage, deployment.Spec.Template.Spec.Containers[0].Env[0].Value)
|
||||||
|
|
||||||
assert.Equal(t, "CONTROLLER_MANAGER_POD_NAMESPACE", deployment.Spec.Template.Spec.Containers[0].Env[1].Name)
|
assert.Equal(t, "CONTROLLER_MANAGER_POD_NAMESPACE", deployment.Spec.Template.Spec.Containers[0].Env[1].Name)
|
||||||
assert.Equal(t, "metadata.namespace", deployment.Spec.Template.Spec.Containers[0].Env[1].ValueFrom.FieldRef.FieldPath)
|
assert.Equal(t, "metadata.namespace", deployment.Spec.Template.Spec.Containers[0].Env[1].ValueFrom.FieldRef.FieldPath)
|
||||||
assert.Equal(t, "CONTROLLER_MANAGER_LISTENER_IMAGE_PULL_POLICY", deployment.Spec.Template.Spec.Containers[0].Env[2].Name)
|
|
||||||
assert.Equal(t, "IfNotPresent", deployment.Spec.Template.Spec.Containers[0].Env[2].Value) // default value. Needs to align with controllers/actions.github.com/resourcebuilder.go
|
|
||||||
|
|
||||||
assert.Empty(t, deployment.Spec.Template.Spec.Containers[0].Resources)
|
assert.Empty(t, deployment.Spec.Template.Spec.Containers[0].Resources)
|
||||||
assert.Nil(t, deployment.Spec.Template.Spec.Containers[0].SecurityContext)
|
assert.Nil(t, deployment.Spec.Template.Spec.Containers[0].SecurityContext)
|
||||||
@@ -406,6 +404,8 @@ func TestTemplate_ControllerDeployment_Customize(t *testing.T) {
|
|||||||
SetValues: map[string]string{
|
SetValues: map[string]string{
|
||||||
"labels.foo": "bar",
|
"labels.foo": "bar",
|
||||||
"labels.github": "actions",
|
"labels.github": "actions",
|
||||||
|
"labels.team": "GitHub Team",
|
||||||
|
"labels.teamMail": "team@github.com",
|
||||||
"replicaCount": "1",
|
"replicaCount": "1",
|
||||||
"image.pullPolicy": "Always",
|
"image.pullPolicy": "Always",
|
||||||
"image.tag": "dev",
|
"image.tag": "dev",
|
||||||
@@ -447,6 +447,8 @@ func TestTemplate_ControllerDeployment_Customize(t *testing.T) {
|
|||||||
assert.Equal(t, "gha-rs-controller", deployment.Labels["app.kubernetes.io/part-of"])
|
assert.Equal(t, "gha-rs-controller", deployment.Labels["app.kubernetes.io/part-of"])
|
||||||
assert.Equal(t, "bar", deployment.Labels["foo"])
|
assert.Equal(t, "bar", deployment.Labels["foo"])
|
||||||
assert.Equal(t, "actions", deployment.Labels["github"])
|
assert.Equal(t, "actions", deployment.Labels["github"])
|
||||||
|
assert.Equal(t, "GitHub Team", deployment.Labels["team"])
|
||||||
|
assert.Equal(t, "team@github.com", deployment.Labels["teamMail"])
|
||||||
|
|
||||||
assert.Equal(t, int32(1), *deployment.Spec.Replicas)
|
assert.Equal(t, int32(1), *deployment.Spec.Replicas)
|
||||||
|
|
||||||
@@ -459,8 +461,8 @@ func TestTemplate_ControllerDeployment_Customize(t *testing.T) {
|
|||||||
assert.Equal(t, "bar", deployment.Spec.Template.Annotations["foo"])
|
assert.Equal(t, "bar", deployment.Spec.Template.Annotations["foo"])
|
||||||
assert.Equal(t, "manager", deployment.Spec.Template.Annotations["kubectl.kubernetes.io/default-container"])
|
assert.Equal(t, "manager", deployment.Spec.Template.Annotations["kubectl.kubernetes.io/default-container"])
|
||||||
|
|
||||||
assert.Equal(t, "ENV_VAR_NAME_1", deployment.Spec.Template.Spec.Containers[0].Env[3].Name)
|
assert.Equal(t, "ENV_VAR_NAME_1", deployment.Spec.Template.Spec.Containers[0].Env[2].Name)
|
||||||
assert.Equal(t, "ENV_VAR_VALUE_1", deployment.Spec.Template.Spec.Containers[0].Env[3].Value)
|
assert.Equal(t, "ENV_VAR_VALUE_1", deployment.Spec.Template.Spec.Containers[0].Env[2].Value)
|
||||||
|
|
||||||
assert.Len(t, deployment.Spec.Template.Spec.ImagePullSecrets, 1)
|
assert.Len(t, deployment.Spec.Template.Spec.ImagePullSecrets, 1)
|
||||||
assert.Equal(t, "dockerhub", deployment.Spec.Template.Spec.ImagePullSecrets[0].Name)
|
assert.Equal(t, "dockerhub", deployment.Spec.Template.Spec.ImagePullSecrets[0].Name)
|
||||||
@@ -505,17 +507,15 @@ func TestTemplate_ControllerDeployment_Customize(t *testing.T) {
|
|||||||
|
|
||||||
assert.ElementsMatch(t, expectArgs, deployment.Spec.Template.Spec.Containers[0].Args)
|
assert.ElementsMatch(t, expectArgs, deployment.Spec.Template.Spec.Containers[0].Args)
|
||||||
|
|
||||||
assert.Len(t, deployment.Spec.Template.Spec.Containers[0].Env, 4)
|
assert.Len(t, deployment.Spec.Template.Spec.Containers[0].Env, 3)
|
||||||
assert.Equal(t, "CONTROLLER_MANAGER_CONTAINER_IMAGE", deployment.Spec.Template.Spec.Containers[0].Env[0].Name)
|
assert.Equal(t, "CONTROLLER_MANAGER_CONTAINER_IMAGE", deployment.Spec.Template.Spec.Containers[0].Env[0].Name)
|
||||||
assert.Equal(t, managerImage, deployment.Spec.Template.Spec.Containers[0].Env[0].Value)
|
assert.Equal(t, managerImage, deployment.Spec.Template.Spec.Containers[0].Env[0].Value)
|
||||||
|
|
||||||
assert.Equal(t, "CONTROLLER_MANAGER_POD_NAMESPACE", deployment.Spec.Template.Spec.Containers[0].Env[1].Name)
|
assert.Equal(t, "CONTROLLER_MANAGER_POD_NAMESPACE", deployment.Spec.Template.Spec.Containers[0].Env[1].Name)
|
||||||
assert.Equal(t, "metadata.namespace", deployment.Spec.Template.Spec.Containers[0].Env[1].ValueFrom.FieldRef.FieldPath)
|
assert.Equal(t, "metadata.namespace", deployment.Spec.Template.Spec.Containers[0].Env[1].ValueFrom.FieldRef.FieldPath)
|
||||||
assert.Equal(t, "CONTROLLER_MANAGER_LISTENER_IMAGE_PULL_POLICY", deployment.Spec.Template.Spec.Containers[0].Env[2].Name)
|
|
||||||
assert.Equal(t, "Always", deployment.Spec.Template.Spec.Containers[0].Env[2].Value) // default value. Needs to align with controllers/actions.github.com/resourcebuilder.go
|
|
||||||
|
|
||||||
assert.Equal(t, "ENV_VAR_NAME_1", deployment.Spec.Template.Spec.Containers[0].Env[3].Name)
|
assert.Equal(t, "ENV_VAR_NAME_1", deployment.Spec.Template.Spec.Containers[0].Env[2].Name)
|
||||||
assert.Equal(t, "ENV_VAR_VALUE_1", deployment.Spec.Template.Spec.Containers[0].Env[3].Value)
|
assert.Equal(t, "ENV_VAR_VALUE_1", deployment.Spec.Template.Spec.Containers[0].Env[2].Value)
|
||||||
|
|
||||||
assert.Equal(t, "500m", deployment.Spec.Template.Spec.Containers[0].Resources.Limits.Cpu().String())
|
assert.Equal(t, "500m", deployment.Spec.Template.Spec.Containers[0].Resources.Limits.Cpu().String())
|
||||||
assert.True(t, *deployment.Spec.Template.Spec.Containers[0].SecurityContext.RunAsNonRoot)
|
assert.True(t, *deployment.Spec.Template.Spec.Containers[0].SecurityContext.RunAsNonRoot)
|
||||||
@@ -762,14 +762,12 @@ func TestTemplate_ControllerDeployment_WatchSingleNamespace(t *testing.T) {
|
|||||||
|
|
||||||
assert.ElementsMatch(t, expectedArgs, deployment.Spec.Template.Spec.Containers[0].Args)
|
assert.ElementsMatch(t, expectedArgs, deployment.Spec.Template.Spec.Containers[0].Args)
|
||||||
|
|
||||||
assert.Len(t, deployment.Spec.Template.Spec.Containers[0].Env, 3)
|
assert.Len(t, deployment.Spec.Template.Spec.Containers[0].Env, 2)
|
||||||
assert.Equal(t, "CONTROLLER_MANAGER_CONTAINER_IMAGE", deployment.Spec.Template.Spec.Containers[0].Env[0].Name)
|
assert.Equal(t, "CONTROLLER_MANAGER_CONTAINER_IMAGE", deployment.Spec.Template.Spec.Containers[0].Env[0].Name)
|
||||||
assert.Equal(t, managerImage, deployment.Spec.Template.Spec.Containers[0].Env[0].Value)
|
assert.Equal(t, managerImage, deployment.Spec.Template.Spec.Containers[0].Env[0].Value)
|
||||||
|
|
||||||
assert.Equal(t, "CONTROLLER_MANAGER_POD_NAMESPACE", deployment.Spec.Template.Spec.Containers[0].Env[1].Name)
|
assert.Equal(t, "CONTROLLER_MANAGER_POD_NAMESPACE", deployment.Spec.Template.Spec.Containers[0].Env[1].Name)
|
||||||
assert.Equal(t, "metadata.namespace", deployment.Spec.Template.Spec.Containers[0].Env[1].ValueFrom.FieldRef.FieldPath)
|
assert.Equal(t, "metadata.namespace", deployment.Spec.Template.Spec.Containers[0].Env[1].ValueFrom.FieldRef.FieldPath)
|
||||||
assert.Equal(t, "CONTROLLER_MANAGER_LISTENER_IMAGE_PULL_POLICY", deployment.Spec.Template.Spec.Containers[0].Env[2].Name)
|
|
||||||
assert.Equal(t, "IfNotPresent", deployment.Spec.Template.Spec.Containers[0].Env[2].Value) // default value. Needs to align with controllers/actions.github.com/resourcebuilder.go
|
|
||||||
|
|
||||||
assert.Empty(t, deployment.Spec.Template.Spec.Containers[0].Resources)
|
assert.Empty(t, deployment.Spec.Template.Spec.Containers[0].Resources)
|
||||||
assert.Nil(t, deployment.Spec.Template.Spec.Containers[0].SecurityContext)
|
assert.Nil(t, deployment.Spec.Template.Spec.Containers[0].SecurityContext)
|
||||||
@@ -812,17 +810,17 @@ func TestTemplate_ControllerContainerEnvironmentVariables(t *testing.T) {
|
|||||||
assert.Equal(t, namespaceName, deployment.Namespace)
|
assert.Equal(t, namespaceName, deployment.Namespace)
|
||||||
assert.Equal(t, "test-arc-gha-rs-controller", deployment.Name)
|
assert.Equal(t, "test-arc-gha-rs-controller", deployment.Name)
|
||||||
|
|
||||||
assert.Len(t, deployment.Spec.Template.Spec.Containers[0].Env, 7)
|
assert.Len(t, deployment.Spec.Template.Spec.Containers[0].Env, 6)
|
||||||
assert.Equal(t, "ENV_VAR_NAME_1", deployment.Spec.Template.Spec.Containers[0].Env[3].Name)
|
assert.Equal(t, "ENV_VAR_NAME_1", deployment.Spec.Template.Spec.Containers[0].Env[2].Name)
|
||||||
assert.Equal(t, "ENV_VAR_VALUE_1", deployment.Spec.Template.Spec.Containers[0].Env[3].Value)
|
assert.Equal(t, "ENV_VAR_VALUE_1", deployment.Spec.Template.Spec.Containers[0].Env[2].Value)
|
||||||
assert.Equal(t, "ENV_VAR_NAME_2", deployment.Spec.Template.Spec.Containers[0].Env[4].Name)
|
assert.Equal(t, "ENV_VAR_NAME_2", deployment.Spec.Template.Spec.Containers[0].Env[3].Name)
|
||||||
assert.Equal(t, "secret-name", deployment.Spec.Template.Spec.Containers[0].Env[4].ValueFrom.SecretKeyRef.Name)
|
assert.Equal(t, "secret-name", deployment.Spec.Template.Spec.Containers[0].Env[3].ValueFrom.SecretKeyRef.Name)
|
||||||
assert.Equal(t, "ENV_VAR_NAME_2", deployment.Spec.Template.Spec.Containers[0].Env[4].ValueFrom.SecretKeyRef.Key)
|
assert.Equal(t, "ENV_VAR_NAME_2", deployment.Spec.Template.Spec.Containers[0].Env[3].ValueFrom.SecretKeyRef.Key)
|
||||||
assert.True(t, *deployment.Spec.Template.Spec.Containers[0].Env[4].ValueFrom.SecretKeyRef.Optional)
|
assert.True(t, *deployment.Spec.Template.Spec.Containers[0].Env[3].ValueFrom.SecretKeyRef.Optional)
|
||||||
assert.Equal(t, "ENV_VAR_NAME_3", deployment.Spec.Template.Spec.Containers[0].Env[5].Name)
|
assert.Equal(t, "ENV_VAR_NAME_3", deployment.Spec.Template.Spec.Containers[0].Env[4].Name)
|
||||||
assert.Empty(t, deployment.Spec.Template.Spec.Containers[0].Env[5].Value)
|
assert.Empty(t, deployment.Spec.Template.Spec.Containers[0].Env[4].Value)
|
||||||
assert.Equal(t, "ENV_VAR_NAME_4", deployment.Spec.Template.Spec.Containers[0].Env[6].Name)
|
assert.Equal(t, "ENV_VAR_NAME_4", deployment.Spec.Template.Spec.Containers[0].Env[5].Name)
|
||||||
assert.Empty(t, deployment.Spec.Template.Spec.Containers[0].Env[6].ValueFrom)
|
assert.Empty(t, deployment.Spec.Template.Spec.Containers[0].Env[5].ValueFrom)
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestTemplate_WatchSingleNamespace_NotCreateManagerClusterRole(t *testing.T) {
|
func TestTemplate_WatchSingleNamespace_NotCreateManagerClusterRole(t *testing.T) {
|
||||||
|
|||||||
@@ -41,6 +41,8 @@ serviceAccount:
|
|||||||
|
|
||||||
podAnnotations: {}
|
podAnnotations: {}
|
||||||
|
|
||||||
|
podLabels: {}
|
||||||
|
|
||||||
podSecurityContext: {}
|
podSecurityContext: {}
|
||||||
# fsGroup: 2000
|
# fsGroup: 2000
|
||||||
|
|
||||||
|
|||||||
@@ -15,18 +15,18 @@ type: application
|
|||||||
# This is the chart version. This version number should be incremented each time you make changes
|
# This is the chart version. This version number should be incremented each time you make changes
|
||||||
# to the chart and its templates, including the app version.
|
# to the chart and its templates, including the app version.
|
||||||
# Versions are expected to follow Semantic Versioning (https://semver.org/)
|
# Versions are expected to follow Semantic Versioning (https://semver.org/)
|
||||||
version: 0.6.0
|
version: 0.7.0
|
||||||
|
|
||||||
# This is the version number of the application being deployed. This version number should be
|
# This is the version number of the application being deployed. This version number should be
|
||||||
# incremented each time you make changes to the application. Versions are not expected to
|
# incremented each time you make changes to the application. Versions are not expected to
|
||||||
# follow Semantic Versioning. They should reflect the version the application is using.
|
# follow Semantic Versioning. They should reflect the version the application is using.
|
||||||
# It is recommended to use it with quotes.
|
# It is recommended to use it with quotes.
|
||||||
appVersion: "0.6.0"
|
appVersion: "0.7.0"
|
||||||
|
|
||||||
home: https://github.com/actions/dev-arc
|
home: https://github.com/actions/actions-runner-controller
|
||||||
|
|
||||||
sources:
|
sources:
|
||||||
- "https://github.com/actions/dev-arc"
|
- "https://github.com/actions/actions-runner-controller"
|
||||||
|
|
||||||
maintainers:
|
maintainers:
|
||||||
- name: actions
|
- name: actions
|
||||||
|
|||||||
@@ -10,6 +10,10 @@ gha-rs
|
|||||||
{{- default (include "gha-base-name" .) .Values.nameOverride | trunc 63 | trimSuffix "-" }}
|
{{- default (include "gha-base-name" .) .Values.nameOverride | trunc 63 | trimSuffix "-" }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{- define "gha-runner-scale-set.scale-set-name" -}}
|
||||||
|
{{ .Values.runnerScaleSetName | default .Release.Name }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
{{/*
|
{{/*
|
||||||
Create a default fully qualified app name.
|
Create a default fully qualified app name.
|
||||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||||
@@ -17,7 +21,7 @@ If release name contains chart name it will be used as a full name.
|
|||||||
*/}}
|
*/}}
|
||||||
{{- define "gha-runner-scale-set.fullname" -}}
|
{{- define "gha-runner-scale-set.fullname" -}}
|
||||||
{{- $name := default (include "gha-base-name" .) }}
|
{{- $name := default (include "gha-base-name" .) }}
|
||||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
|
{{- printf "%s-%s" (include "gha-runner-scale-set.scale-set-name" .) $name | trunc 63 | trimSuffix "-" }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
{{/*
|
{{/*
|
||||||
@@ -38,7 +42,7 @@ app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
|||||||
{{- end }}
|
{{- end }}
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||||
app.kubernetes.io/part-of: gha-rs
|
app.kubernetes.io/part-of: gha-rs
|
||||||
actions.github.com/scale-set-name: {{ .Release.Name }}
|
actions.github.com/scale-set-name: {{ include "gha-runner-scale-set.scale-set-name" . }}
|
||||||
actions.github.com/scale-set-namespace: {{ .Release.Namespace }}
|
actions.github.com/scale-set-namespace: {{ .Release.Namespace }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
@@ -46,8 +50,8 @@ actions.github.com/scale-set-namespace: {{ .Release.Namespace }}
|
|||||||
Selector labels
|
Selector labels
|
||||||
*/}}
|
*/}}
|
||||||
{{- define "gha-runner-scale-set.selectorLabels" -}}
|
{{- define "gha-runner-scale-set.selectorLabels" -}}
|
||||||
app.kubernetes.io/name: {{ include "gha-runner-scale-set.name" . }}
|
app.kubernetes.io/name: {{ include "gha-runner-scale-set.scale-set-name" . }}
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ include "gha-runner-scale-set.scale-set-name" . }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
{{- define "gha-runner-scale-set.githubsecret" -}}
|
{{- define "gha-runner-scale-set.githubsecret" -}}
|
||||||
@@ -93,19 +97,26 @@ volumeMounts:
|
|||||||
|
|
||||||
{{- define "gha-runner-scale-set.dind-container" -}}
|
{{- define "gha-runner-scale-set.dind-container" -}}
|
||||||
image: docker:dind
|
image: docker:dind
|
||||||
|
args:
|
||||||
|
- dockerd
|
||||||
|
- --host=unix:///run/docker/docker.sock
|
||||||
|
- --group=$(DOCKER_GROUP_GID)
|
||||||
|
env:
|
||||||
|
- name: DOCKER_GROUP_GID
|
||||||
|
value: "123"
|
||||||
securityContext:
|
securityContext:
|
||||||
privileged: true
|
privileged: true
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: work
|
- name: work
|
||||||
mountPath: /home/runner/_work
|
mountPath: /home/runner/_work
|
||||||
- name: dind-cert
|
- name: dind-sock
|
||||||
mountPath: /certs/client
|
mountPath: /run/docker
|
||||||
- name: dind-externals
|
- name: dind-externals
|
||||||
mountPath: /home/runner/externals
|
mountPath: /home/runner/externals
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
{{- define "gha-runner-scale-set.dind-volume" -}}
|
{{- define "gha-runner-scale-set.dind-volume" -}}
|
||||||
- name: dind-cert
|
- name: dind-sock
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
- name: dind-externals
|
- name: dind-externals
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
@@ -185,8 +196,6 @@ volumeMounts:
|
|||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- $setDockerHost := 1 }}
|
{{- $setDockerHost := 1 }}
|
||||||
{{- $setDockerTlsVerify := 1 }}
|
|
||||||
{{- $setDockerCertPath := 1 }}
|
|
||||||
{{- $setRunnerWaitDocker := 1 }}
|
{{- $setRunnerWaitDocker := 1 }}
|
||||||
{{- $setNodeExtraCaCerts := 0 }}
|
{{- $setNodeExtraCaCerts := 0 }}
|
||||||
{{- $setRunnerUpdateCaCerts := 0 }}
|
{{- $setRunnerUpdateCaCerts := 0 }}
|
||||||
@@ -200,12 +209,6 @@ env:
|
|||||||
{{- if eq $env.name "DOCKER_HOST" }}
|
{{- if eq $env.name "DOCKER_HOST" }}
|
||||||
{{- $setDockerHost = 0 }}
|
{{- $setDockerHost = 0 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if eq $env.name "DOCKER_TLS_VERIFY" }}
|
|
||||||
{{- $setDockerTlsVerify = 0 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if eq $env.name "DOCKER_CERT_PATH" }}
|
|
||||||
{{- $setDockerCertPath = 0 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if eq $env.name "RUNNER_WAIT_FOR_DOCKER_IN_SECONDS" }}
|
{{- if eq $env.name "RUNNER_WAIT_FOR_DOCKER_IN_SECONDS" }}
|
||||||
{{- $setRunnerWaitDocker = 0 }}
|
{{- $setRunnerWaitDocker = 0 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
@@ -220,15 +223,7 @@ env:
|
|||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if $setDockerHost }}
|
{{- if $setDockerHost }}
|
||||||
- name: DOCKER_HOST
|
- name: DOCKER_HOST
|
||||||
value: tcp://localhost:2376
|
value: unix:///run/docker/docker.sock
|
||||||
{{- end }}
|
|
||||||
{{- if $setDockerTlsVerify }}
|
|
||||||
- name: DOCKER_TLS_VERIFY
|
|
||||||
value: "1"
|
|
||||||
{{- end }}
|
|
||||||
{{- if $setDockerCertPath }}
|
|
||||||
- name: DOCKER_CERT_PATH
|
|
||||||
value: /certs/client
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if $setRunnerWaitDocker }}
|
{{- if $setRunnerWaitDocker }}
|
||||||
- name: RUNNER_WAIT_FOR_DOCKER_IN_SECONDS
|
- name: RUNNER_WAIT_FOR_DOCKER_IN_SECONDS
|
||||||
@@ -254,7 +249,7 @@ volumeMounts:
|
|||||||
{{- if eq $volMount.name "work" }}
|
{{- if eq $volMount.name "work" }}
|
||||||
{{- $mountWork = 0 }}
|
{{- $mountWork = 0 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if eq $volMount.name "dind-cert" }}
|
{{- if eq $volMount.name "dind-sock" }}
|
||||||
{{- $mountDindCert = 0 }}
|
{{- $mountDindCert = 0 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if eq $volMount.name "github-server-tls-cert" }}
|
{{- if eq $volMount.name "github-server-tls-cert" }}
|
||||||
@@ -268,8 +263,8 @@ volumeMounts:
|
|||||||
mountPath: /home/runner/_work
|
mountPath: /home/runner/_work
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if $mountDindCert }}
|
{{- if $mountDindCert }}
|
||||||
- name: dind-cert
|
- name: dind-sock
|
||||||
mountPath: /certs/client
|
mountPath: /run/docker
|
||||||
readOnly: true
|
readOnly: true
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if $mountGitHubServerTLS }}
|
{{- if $mountGitHubServerTLS }}
|
||||||
|
|||||||
@@ -1,13 +1,13 @@
|
|||||||
apiVersion: actions.github.com/v1alpha1
|
apiVersion: actions.github.com/v1alpha1
|
||||||
kind: AutoscalingRunnerSet
|
kind: AutoscalingRunnerSet
|
||||||
metadata:
|
metadata:
|
||||||
{{- if or (not .Release.Name) (gt (len .Release.Name) 45) }}
|
{{- if or (not (include "gha-runner-scale-set.scale-set-name" .)) (gt (len (include "gha-runner-scale-set.scale-set-name" .)) 45) }}
|
||||||
{{ fail "Name must have up to 45 characters" }}
|
{{ fail "Name must have up to 45 characters" }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if gt (len .Release.Namespace) 63 }}
|
{{- if gt (len .Release.Namespace) 63 }}
|
||||||
{{ fail "Namespace must have up to 63 characters" }}
|
{{ fail "Namespace must have up to 63 characters" }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
name: {{ .Values.runnerScaleSetName | default .Release.Name }}
|
name: {{ include "gha-runner-scale-set.scale-set-name" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/component: "autoscaling-runner-set"
|
app.kubernetes.io/component: "autoscaling-runner-set"
|
||||||
|
|||||||
@@ -5,6 +5,12 @@ kind: ServiceAccount
|
|||||||
metadata:
|
metadata:
|
||||||
name: {{ include "gha-runner-scale-set.kubeModeServiceAccountName" . }}
|
name: {{ include "gha-runner-scale-set.kubeModeServiceAccountName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
|
{{- if .Values.containerMode.kubernetesModeServiceAccount }}
|
||||||
|
{{- with .Values.containerMode.kubernetesModeServiceAccount.annotations }}
|
||||||
|
annotations:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
finalizers:
|
finalizers:
|
||||||
- actions.github.com/cleanup-protection
|
- actions.github.com/cleanup-protection
|
||||||
labels:
|
labels:
|
||||||
|
|||||||
@@ -330,7 +330,7 @@ func TestTemplateRenderedAutoScalingRunnerSet(t *testing.T) {
|
|||||||
assert.Equal(t, namespaceName, ars.Namespace)
|
assert.Equal(t, namespaceName, ars.Namespace)
|
||||||
assert.Equal(t, "test-runners", ars.Name)
|
assert.Equal(t, "test-runners", ars.Name)
|
||||||
|
|
||||||
assert.Equal(t, "gha-rs", ars.Labels["app.kubernetes.io/name"])
|
assert.Equal(t, "test-runners", ars.Labels["app.kubernetes.io/name"])
|
||||||
assert.Equal(t, "test-runners", ars.Labels["app.kubernetes.io/instance"])
|
assert.Equal(t, "test-runners", ars.Labels["app.kubernetes.io/instance"])
|
||||||
assert.Equal(t, "gha-rs", ars.Labels["app.kubernetes.io/part-of"])
|
assert.Equal(t, "gha-rs", ars.Labels["app.kubernetes.io/part-of"])
|
||||||
assert.Equal(t, "autoscaling-runner-set", ars.Labels["app.kubernetes.io/component"])
|
assert.Equal(t, "autoscaling-runner-set", ars.Labels["app.kubernetes.io/component"])
|
||||||
@@ -361,6 +361,7 @@ func TestTemplateRenderedAutoScalingRunnerSet_RunnerScaleSetName(t *testing.T) {
|
|||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
|
||||||
releaseName := "test-runners"
|
releaseName := "test-runners"
|
||||||
|
nameOverride := "test-runner-scale-set-name"
|
||||||
namespaceName := "test-" + strings.ToLower(random.UniqueId())
|
namespaceName := "test-" + strings.ToLower(random.UniqueId())
|
||||||
|
|
||||||
options := &helm.Options{
|
options := &helm.Options{
|
||||||
@@ -368,7 +369,7 @@ func TestTemplateRenderedAutoScalingRunnerSet_RunnerScaleSetName(t *testing.T) {
|
|||||||
SetValues: map[string]string{
|
SetValues: map[string]string{
|
||||||
"githubConfigUrl": "https://github.com/actions",
|
"githubConfigUrl": "https://github.com/actions",
|
||||||
"githubConfigSecret.github_token": "gh_token12345",
|
"githubConfigSecret.github_token": "gh_token12345",
|
||||||
"runnerScaleSetName": "test-runner-scale-set-name",
|
"runnerScaleSetName": nameOverride,
|
||||||
"controllerServiceAccount.name": "arc",
|
"controllerServiceAccount.name": "arc",
|
||||||
"controllerServiceAccount.namespace": "arc-system",
|
"controllerServiceAccount.namespace": "arc-system",
|
||||||
},
|
},
|
||||||
@@ -381,12 +382,15 @@ func TestTemplateRenderedAutoScalingRunnerSet_RunnerScaleSetName(t *testing.T) {
|
|||||||
helm.UnmarshalK8SYaml(t, output, &ars)
|
helm.UnmarshalK8SYaml(t, output, &ars)
|
||||||
|
|
||||||
assert.Equal(t, namespaceName, ars.Namespace)
|
assert.Equal(t, namespaceName, ars.Namespace)
|
||||||
assert.Equal(t, "test-runner-scale-set-name", ars.Name)
|
assert.Equal(t, nameOverride, ars.Name)
|
||||||
|
|
||||||
assert.Equal(t, "gha-rs", ars.Labels["app.kubernetes.io/name"])
|
assert.Equal(t, nameOverride, ars.Labels["app.kubernetes.io/name"])
|
||||||
assert.Equal(t, releaseName, ars.Labels["app.kubernetes.io/instance"])
|
assert.Equal(t, nameOverride, ars.Labels["app.kubernetes.io/instance"])
|
||||||
|
assert.Equal(t, nameOverride, ars.Labels["actions.github.com/scale-set-name"])
|
||||||
|
assert.Equal(t, namespaceName, ars.Labels["actions.github.com/scale-set-namespace"])
|
||||||
|
assert.Equal(t, "gha-rs", ars.Labels["app.kubernetes.io/part-of"])
|
||||||
assert.Equal(t, "https://github.com/actions", ars.Spec.GitHubConfigUrl)
|
assert.Equal(t, "https://github.com/actions", ars.Spec.GitHubConfigUrl)
|
||||||
assert.Equal(t, "test-runners-gha-rs-github-secret", ars.Spec.GitHubConfigSecret)
|
assert.Equal(t, nameOverride+"-gha-rs-github-secret", ars.Spec.GitHubConfigSecret)
|
||||||
assert.Equal(t, "test-runner-scale-set-name", ars.Spec.RunnerScaleSetName)
|
assert.Equal(t, "test-runner-scale-set-name", ars.Spec.RunnerScaleSetName)
|
||||||
|
|
||||||
assert.Empty(t, ars.Spec.RunnerGroup, "RunnerGroup should be empty")
|
assert.Empty(t, ars.Spec.RunnerGroup, "RunnerGroup should be empty")
|
||||||
@@ -738,6 +742,37 @@ func TestTemplateRenderedAutoScalingRunnerSet_DinD_ExtraInitContainers(t *testin
|
|||||||
assert.Equal(t, "ls", ars.Spec.Template.Spec.InitContainers[2].Command[0], "InitContainers[2] Command[0] should be ls")
|
assert.Equal(t, "ls", ars.Spec.Template.Spec.InitContainers[2].Command[0], "InitContainers[2] Command[0] should be ls")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestTemplateRenderedKubernetesModeServiceAccountAnnotations(t *testing.T) {
|
||||||
|
t.Parallel()
|
||||||
|
|
||||||
|
// Path to the helm chart we will test
|
||||||
|
helmChartPath, err := filepath.Abs("../../gha-runner-scale-set")
|
||||||
|
require.NoError(t, err)
|
||||||
|
|
||||||
|
testValuesPath, err := filepath.Abs("../tests/values_kubernetes_mode_service_account_annotations.yaml")
|
||||||
|
require.NoError(t, err)
|
||||||
|
|
||||||
|
releaseName := "test-runners"
|
||||||
|
namespaceName := "test-" + strings.ToLower(random.UniqueId())
|
||||||
|
|
||||||
|
options := &helm.Options{
|
||||||
|
Logger: logger.Discard,
|
||||||
|
SetValues: map[string]string{
|
||||||
|
"controllerServiceAccount.name": "arc",
|
||||||
|
"controllerServiceAccount.namespace": "arc-system",
|
||||||
|
},
|
||||||
|
ValuesFiles: []string{testValuesPath},
|
||||||
|
KubectlOptions: k8s.NewKubectlOptions("", "", namespaceName),
|
||||||
|
}
|
||||||
|
|
||||||
|
output := helm.RenderTemplate(t, options, helmChartPath, releaseName, []string{"templates/kube_mode_serviceaccount.yaml"})
|
||||||
|
|
||||||
|
var sa corev1.ServiceAccount
|
||||||
|
helm.UnmarshalK8SYaml(t, output, &sa)
|
||||||
|
|
||||||
|
assert.Equal(t, "arn:aws:iam::123456789012:role/sample-role", sa.Annotations["eks.amazonaws.com/role-arn"], "Annotations should be arn:aws:iam::123456789012:role/sample-role")
|
||||||
|
}
|
||||||
|
|
||||||
func TestTemplateRenderedAutoScalingRunnerSet_DinD_ExtraVolumes(t *testing.T) {
|
func TestTemplateRenderedAutoScalingRunnerSet_DinD_ExtraVolumes(t *testing.T) {
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
|
|
||||||
@@ -767,7 +802,7 @@ func TestTemplateRenderedAutoScalingRunnerSet_DinD_ExtraVolumes(t *testing.T) {
|
|||||||
helm.UnmarshalK8SYaml(t, output, &ars)
|
helm.UnmarshalK8SYaml(t, output, &ars)
|
||||||
|
|
||||||
assert.Len(t, ars.Spec.Template.Spec.Volumes, 5, "Volumes should be 5")
|
assert.Len(t, ars.Spec.Template.Spec.Volumes, 5, "Volumes should be 5")
|
||||||
assert.Equal(t, "dind-cert", ars.Spec.Template.Spec.Volumes[0].Name, "Volume name should be dind-cert")
|
assert.Equal(t, "dind-sock", ars.Spec.Template.Spec.Volumes[0].Name, "Volume name should be dind-sock")
|
||||||
assert.Equal(t, "dind-externals", ars.Spec.Template.Spec.Volumes[1].Name, "Volume name should be dind-externals")
|
assert.Equal(t, "dind-externals", ars.Spec.Template.Spec.Volumes[1].Name, "Volume name should be dind-externals")
|
||||||
assert.Equal(t, "work", ars.Spec.Template.Spec.Volumes[2].Name, "Volume name should be work")
|
assert.Equal(t, "work", ars.Spec.Template.Spec.Volumes[2].Name, "Volume name should be work")
|
||||||
assert.Equal(t, "/data", ars.Spec.Template.Spec.Volumes[2].HostPath.Path, "Volume host path should be /data")
|
assert.Equal(t, "/data", ars.Spec.Template.Spec.Volumes[2].HostPath.Path, "Volume host path should be /data")
|
||||||
@@ -840,7 +875,7 @@ func TestTemplateRenderedAutoScalingRunnerSet_EnableDinD(t *testing.T) {
|
|||||||
assert.Equal(t, namespaceName, ars.Namespace)
|
assert.Equal(t, namespaceName, ars.Namespace)
|
||||||
assert.Equal(t, "test-runners", ars.Name)
|
assert.Equal(t, "test-runners", ars.Name)
|
||||||
|
|
||||||
assert.Equal(t, "gha-rs", ars.Labels["app.kubernetes.io/name"])
|
assert.Equal(t, "test-runners", ars.Labels["app.kubernetes.io/name"])
|
||||||
assert.Equal(t, "test-runners", ars.Labels["app.kubernetes.io/instance"])
|
assert.Equal(t, "test-runners", ars.Labels["app.kubernetes.io/instance"])
|
||||||
assert.Equal(t, "https://github.com/actions", ars.Spec.GitHubConfigUrl)
|
assert.Equal(t, "https://github.com/actions", ars.Spec.GitHubConfigUrl)
|
||||||
assert.Equal(t, "test-runners-gha-rs-github-secret", ars.Spec.GitHubConfigSecret)
|
assert.Equal(t, "test-runners-gha-rs-github-secret", ars.Spec.GitHubConfigSecret)
|
||||||
@@ -863,40 +898,36 @@ func TestTemplateRenderedAutoScalingRunnerSet_EnableDinD(t *testing.T) {
|
|||||||
assert.Len(t, ars.Spec.Template.Spec.Containers, 2, "Template.Spec should have 2 container")
|
assert.Len(t, ars.Spec.Template.Spec.Containers, 2, "Template.Spec should have 2 container")
|
||||||
assert.Equal(t, "runner", ars.Spec.Template.Spec.Containers[0].Name)
|
assert.Equal(t, "runner", ars.Spec.Template.Spec.Containers[0].Name)
|
||||||
assert.Equal(t, "ghcr.io/actions/actions-runner:latest", ars.Spec.Template.Spec.Containers[0].Image)
|
assert.Equal(t, "ghcr.io/actions/actions-runner:latest", ars.Spec.Template.Spec.Containers[0].Image)
|
||||||
assert.Len(t, ars.Spec.Template.Spec.Containers[0].Env, 4, "The runner container should have 4 env vars, DOCKER_HOST, DOCKER_TLS_VERIFY, DOCKER_CERT_PATH and RUNNER_WAIT_FOR_DOCKER_IN_SECONDS")
|
assert.Len(t, ars.Spec.Template.Spec.Containers[0].Env, 2, "The runner container should have 2 env vars, DOCKER_HOST and RUNNER_WAIT_FOR_DOCKER_IN_SECONDS")
|
||||||
assert.Equal(t, "DOCKER_HOST", ars.Spec.Template.Spec.Containers[0].Env[0].Name)
|
assert.Equal(t, "DOCKER_HOST", ars.Spec.Template.Spec.Containers[0].Env[0].Name)
|
||||||
assert.Equal(t, "tcp://localhost:2376", ars.Spec.Template.Spec.Containers[0].Env[0].Value)
|
assert.Equal(t, "unix:///run/docker/docker.sock", ars.Spec.Template.Spec.Containers[0].Env[0].Value)
|
||||||
assert.Equal(t, "DOCKER_TLS_VERIFY", ars.Spec.Template.Spec.Containers[0].Env[1].Name)
|
assert.Equal(t, "RUNNER_WAIT_FOR_DOCKER_IN_SECONDS", ars.Spec.Template.Spec.Containers[0].Env[1].Name)
|
||||||
assert.Equal(t, "1", ars.Spec.Template.Spec.Containers[0].Env[1].Value)
|
assert.Equal(t, "120", ars.Spec.Template.Spec.Containers[0].Env[1].Value)
|
||||||
assert.Equal(t, "DOCKER_CERT_PATH", ars.Spec.Template.Spec.Containers[0].Env[2].Name)
|
|
||||||
assert.Equal(t, "/certs/client", ars.Spec.Template.Spec.Containers[0].Env[2].Value)
|
|
||||||
assert.Equal(t, "RUNNER_WAIT_FOR_DOCKER_IN_SECONDS", ars.Spec.Template.Spec.Containers[0].Env[3].Name)
|
|
||||||
assert.Equal(t, "120", ars.Spec.Template.Spec.Containers[0].Env[3].Value)
|
|
||||||
|
|
||||||
assert.Len(t, ars.Spec.Template.Spec.Containers[0].VolumeMounts, 2, "The runner container should have 2 volume mounts, dind-cert and work")
|
assert.Len(t, ars.Spec.Template.Spec.Containers[0].VolumeMounts, 2, "The runner container should have 2 volume mounts, dind-sock and work")
|
||||||
assert.Equal(t, "work", ars.Spec.Template.Spec.Containers[0].VolumeMounts[0].Name)
|
assert.Equal(t, "work", ars.Spec.Template.Spec.Containers[0].VolumeMounts[0].Name)
|
||||||
assert.Equal(t, "/home/runner/_work", ars.Spec.Template.Spec.Containers[0].VolumeMounts[0].MountPath)
|
assert.Equal(t, "/home/runner/_work", ars.Spec.Template.Spec.Containers[0].VolumeMounts[0].MountPath)
|
||||||
assert.False(t, ars.Spec.Template.Spec.Containers[0].VolumeMounts[0].ReadOnly)
|
assert.False(t, ars.Spec.Template.Spec.Containers[0].VolumeMounts[0].ReadOnly)
|
||||||
|
|
||||||
assert.Equal(t, "dind-cert", ars.Spec.Template.Spec.Containers[0].VolumeMounts[1].Name)
|
assert.Equal(t, "dind-sock", ars.Spec.Template.Spec.Containers[0].VolumeMounts[1].Name)
|
||||||
assert.Equal(t, "/certs/client", ars.Spec.Template.Spec.Containers[0].VolumeMounts[1].MountPath)
|
assert.Equal(t, "/run/docker", ars.Spec.Template.Spec.Containers[0].VolumeMounts[1].MountPath)
|
||||||
assert.True(t, ars.Spec.Template.Spec.Containers[0].VolumeMounts[1].ReadOnly)
|
assert.True(t, ars.Spec.Template.Spec.Containers[0].VolumeMounts[1].ReadOnly)
|
||||||
|
|
||||||
assert.Equal(t, "dind", ars.Spec.Template.Spec.Containers[1].Name)
|
assert.Equal(t, "dind", ars.Spec.Template.Spec.Containers[1].Name)
|
||||||
assert.Equal(t, "docker:dind", ars.Spec.Template.Spec.Containers[1].Image)
|
assert.Equal(t, "docker:dind", ars.Spec.Template.Spec.Containers[1].Image)
|
||||||
assert.True(t, *ars.Spec.Template.Spec.Containers[1].SecurityContext.Privileged)
|
assert.True(t, *ars.Spec.Template.Spec.Containers[1].SecurityContext.Privileged)
|
||||||
assert.Len(t, ars.Spec.Template.Spec.Containers[1].VolumeMounts, 3, "The dind container should have 3 volume mounts, dind-cert, work and externals")
|
assert.Len(t, ars.Spec.Template.Spec.Containers[1].VolumeMounts, 3, "The dind container should have 3 volume mounts, dind-sock, work and externals")
|
||||||
assert.Equal(t, "work", ars.Spec.Template.Spec.Containers[1].VolumeMounts[0].Name)
|
assert.Equal(t, "work", ars.Spec.Template.Spec.Containers[1].VolumeMounts[0].Name)
|
||||||
assert.Equal(t, "/home/runner/_work", ars.Spec.Template.Spec.Containers[1].VolumeMounts[0].MountPath)
|
assert.Equal(t, "/home/runner/_work", ars.Spec.Template.Spec.Containers[1].VolumeMounts[0].MountPath)
|
||||||
|
|
||||||
assert.Equal(t, "dind-cert", ars.Spec.Template.Spec.Containers[1].VolumeMounts[1].Name)
|
assert.Equal(t, "dind-sock", ars.Spec.Template.Spec.Containers[1].VolumeMounts[1].Name)
|
||||||
assert.Equal(t, "/certs/client", ars.Spec.Template.Spec.Containers[1].VolumeMounts[1].MountPath)
|
assert.Equal(t, "/run/docker", ars.Spec.Template.Spec.Containers[1].VolumeMounts[1].MountPath)
|
||||||
|
|
||||||
assert.Equal(t, "dind-externals", ars.Spec.Template.Spec.Containers[1].VolumeMounts[2].Name)
|
assert.Equal(t, "dind-externals", ars.Spec.Template.Spec.Containers[1].VolumeMounts[2].Name)
|
||||||
assert.Equal(t, "/home/runner/externals", ars.Spec.Template.Spec.Containers[1].VolumeMounts[2].MountPath)
|
assert.Equal(t, "/home/runner/externals", ars.Spec.Template.Spec.Containers[1].VolumeMounts[2].MountPath)
|
||||||
|
|
||||||
assert.Len(t, ars.Spec.Template.Spec.Volumes, 3, "Volumes should be 3")
|
assert.Len(t, ars.Spec.Template.Spec.Volumes, 3, "Volumes should be 3")
|
||||||
assert.Equal(t, "dind-cert", ars.Spec.Template.Spec.Volumes[0].Name, "Volume name should be dind-cert")
|
assert.Equal(t, "dind-sock", ars.Spec.Template.Spec.Volumes[0].Name, "Volume name should be dind-sock")
|
||||||
assert.Equal(t, "dind-externals", ars.Spec.Template.Spec.Volumes[1].Name, "Volume name should be dind-externals")
|
assert.Equal(t, "dind-externals", ars.Spec.Template.Spec.Volumes[1].Name, "Volume name should be dind-externals")
|
||||||
assert.Equal(t, "work", ars.Spec.Template.Spec.Volumes[2].Name, "Volume name should be work")
|
assert.Equal(t, "work", ars.Spec.Template.Spec.Volumes[2].Name, "Volume name should be work")
|
||||||
assert.NotNil(t, ars.Spec.Template.Spec.Volumes[2].EmptyDir, "Volume work should be an emptyDir")
|
assert.NotNil(t, ars.Spec.Template.Spec.Volumes[2].EmptyDir, "Volume work should be an emptyDir")
|
||||||
@@ -932,7 +963,7 @@ func TestTemplateRenderedAutoScalingRunnerSet_EnableKubernetesMode(t *testing.T)
|
|||||||
assert.Equal(t, namespaceName, ars.Namespace)
|
assert.Equal(t, namespaceName, ars.Namespace)
|
||||||
assert.Equal(t, "test-runners", ars.Name)
|
assert.Equal(t, "test-runners", ars.Name)
|
||||||
|
|
||||||
assert.Equal(t, "gha-rs", ars.Labels["app.kubernetes.io/name"])
|
assert.Equal(t, "test-runners", ars.Labels["app.kubernetes.io/name"])
|
||||||
assert.Equal(t, "test-runners", ars.Labels["app.kubernetes.io/instance"])
|
assert.Equal(t, "test-runners", ars.Labels["app.kubernetes.io/instance"])
|
||||||
assert.Equal(t, "https://github.com/actions", ars.Spec.GitHubConfigUrl)
|
assert.Equal(t, "https://github.com/actions", ars.Spec.GitHubConfigUrl)
|
||||||
assert.Equal(t, "test-runners-gha-rs-github-secret", ars.Spec.GitHubConfigSecret)
|
assert.Equal(t, "test-runners-gha-rs-github-secret", ars.Spec.GitHubConfigSecret)
|
||||||
@@ -1033,7 +1064,7 @@ func TestTemplateRenderedAutoScalingRunnerSet_UsePredefinedSecret(t *testing.T)
|
|||||||
assert.Equal(t, namespaceName, ars.Namespace)
|
assert.Equal(t, namespaceName, ars.Namespace)
|
||||||
assert.Equal(t, "test-runners", ars.Name)
|
assert.Equal(t, "test-runners", ars.Name)
|
||||||
|
|
||||||
assert.Equal(t, "gha-rs", ars.Labels["app.kubernetes.io/name"])
|
assert.Equal(t, "test-runners", ars.Labels["app.kubernetes.io/name"])
|
||||||
assert.Equal(t, "test-runners", ars.Labels["app.kubernetes.io/instance"])
|
assert.Equal(t, "test-runners", ars.Labels["app.kubernetes.io/instance"])
|
||||||
assert.Equal(t, "https://github.com/actions", ars.Spec.GitHubConfigUrl)
|
assert.Equal(t, "https://github.com/actions", ars.Spec.GitHubConfigUrl)
|
||||||
assert.Equal(t, "pre-defined-secrets", ars.Spec.GitHubConfigSecret)
|
assert.Equal(t, "pre-defined-secrets", ars.Spec.GitHubConfigSecret)
|
||||||
@@ -1833,10 +1864,6 @@ func TestTemplateRenderedAutoScalingRunnerSet_DinDMergePodSpec(t *testing.T) {
|
|||||||
assert.Equal(t, "tcp://localhost:9999", ars.Spec.Template.Spec.Containers[0].Env[0].Value, "DOCKER_HOST should be set to `tcp://localhost:9999`")
|
assert.Equal(t, "tcp://localhost:9999", ars.Spec.Template.Spec.Containers[0].Env[0].Value, "DOCKER_HOST should be set to `tcp://localhost:9999`")
|
||||||
assert.Equal(t, "MY_NODE_NAME", ars.Spec.Template.Spec.Containers[0].Env[1].Name, "MY_NODE_NAME should be set")
|
assert.Equal(t, "MY_NODE_NAME", ars.Spec.Template.Spec.Containers[0].Env[1].Name, "MY_NODE_NAME should be set")
|
||||||
assert.Equal(t, "spec.nodeName", ars.Spec.Template.Spec.Containers[0].Env[1].ValueFrom.FieldRef.FieldPath, "MY_NODE_NAME should be set to `spec.nodeName`")
|
assert.Equal(t, "spec.nodeName", ars.Spec.Template.Spec.Containers[0].Env[1].ValueFrom.FieldRef.FieldPath, "MY_NODE_NAME should be set to `spec.nodeName`")
|
||||||
assert.Equal(t, "DOCKER_TLS_VERIFY", ars.Spec.Template.Spec.Containers[0].Env[2].Name, "DOCKER_TLS_VERIFY should be set")
|
|
||||||
assert.Equal(t, "1", ars.Spec.Template.Spec.Containers[0].Env[2].Value, "DOCKER_TLS_VERIFY should be set to `1`")
|
|
||||||
assert.Equal(t, "DOCKER_CERT_PATH", ars.Spec.Template.Spec.Containers[0].Env[3].Name, "DOCKER_CERT_PATH should be set")
|
|
||||||
assert.Equal(t, "/certs/client", ars.Spec.Template.Spec.Containers[0].Env[3].Value, "DOCKER_CERT_PATH should be set to `/certs/client`")
|
|
||||||
assert.Equal(t, "work", ars.Spec.Template.Spec.Containers[0].VolumeMounts[0].Name, "VolumeMount name should be work")
|
assert.Equal(t, "work", ars.Spec.Template.Spec.Containers[0].VolumeMounts[0].Name, "VolumeMount name should be work")
|
||||||
assert.Equal(t, "/work", ars.Spec.Template.Spec.Containers[0].VolumeMounts[0].MountPath, "VolumeMount mountPath should be /work")
|
assert.Equal(t, "/work", ars.Spec.Template.Spec.Containers[0].VolumeMounts[0].MountPath, "VolumeMount mountPath should be /work")
|
||||||
assert.Equal(t, "others", ars.Spec.Template.Spec.Containers[0].VolumeMounts[1].Name, "VolumeMount name should be others")
|
assert.Equal(t, "others", ars.Spec.Template.Spec.Containers[0].VolumeMounts[1].Name, "VolumeMount name should be others")
|
||||||
|
|||||||
@@ -28,4 +28,4 @@ template:
|
|||||||
path: /data
|
path: /data
|
||||||
type: Directory
|
type: Directory
|
||||||
containerMode:
|
containerMode:
|
||||||
type: kubernetes
|
type: kubernetes
|
||||||
|
|||||||
@@ -0,0 +1,8 @@
|
|||||||
|
githubConfigUrl: https://github.com/actions/actions-runner-controller
|
||||||
|
githubConfigSecret:
|
||||||
|
github_token: test
|
||||||
|
containerMode:
|
||||||
|
type: kubernetes
|
||||||
|
kubernetesModeServiceAccount:
|
||||||
|
annotations:
|
||||||
|
eks.amazonaws.com/role-arn: arn:aws:iam::123456789012:role/sample-role
|
||||||
@@ -84,6 +84,8 @@ githubConfigSecret:
|
|||||||
# resources:
|
# resources:
|
||||||
# requests:
|
# requests:
|
||||||
# storage: 1Gi
|
# storage: 1Gi
|
||||||
|
# kubernetesModeServiceAccount:
|
||||||
|
# annotations:
|
||||||
|
|
||||||
## template is the PodSpec for each listener Pod
|
## template is the PodSpec for each listener Pod
|
||||||
## For reference: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#PodSpec
|
## For reference: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#PodSpec
|
||||||
@@ -122,32 +124,35 @@ template:
|
|||||||
## command: ["/home/runner/run.sh"]
|
## command: ["/home/runner/run.sh"]
|
||||||
## env:
|
## env:
|
||||||
## - name: DOCKER_HOST
|
## - name: DOCKER_HOST
|
||||||
## value: tcp://localhost:2376
|
## value: unix:///run/docker/docker.sock
|
||||||
## - name: DOCKER_TLS_VERIFY
|
|
||||||
## value: "1"
|
|
||||||
## - name: DOCKER_CERT_PATH
|
|
||||||
## value: /certs/client
|
|
||||||
## volumeMounts:
|
## volumeMounts:
|
||||||
## - name: work
|
## - name: work
|
||||||
## mountPath: /home/runner/_work
|
## mountPath: /home/runner/_work
|
||||||
## - name: dind-cert
|
## - name: dind-sock
|
||||||
## mountPath: /certs/client
|
## mountPath: /run/docker
|
||||||
## readOnly: true
|
## readOnly: true
|
||||||
## - name: dind
|
## - name: dind
|
||||||
## image: docker:dind
|
## image: docker:dind
|
||||||
|
## args:
|
||||||
|
## - dockerd
|
||||||
|
## - --host=unix:///run/docker/docker.sock
|
||||||
|
## - --group=$(DOCKER_GROUP_GID)
|
||||||
|
## env:
|
||||||
|
## - name: DOCKER_GROUP_GID
|
||||||
|
## value: "123"
|
||||||
## securityContext:
|
## securityContext:
|
||||||
## privileged: true
|
## privileged: true
|
||||||
## volumeMounts:
|
## volumeMounts:
|
||||||
## - name: work
|
## - name: work
|
||||||
## mountPath: /home/runner/_work
|
## mountPath: /home/runner/_work
|
||||||
## - name: dind-cert
|
## - name: dind-sock
|
||||||
## mountPath: /certs/client
|
## mountPath: /run/docker
|
||||||
## - name: dind-externals
|
## - name: dind-externals
|
||||||
## mountPath: /home/runner/externals
|
## mountPath: /home/runner/externals
|
||||||
## volumes:
|
## volumes:
|
||||||
## - name: work
|
## - name: work
|
||||||
## emptyDir: {}
|
## emptyDir: {}
|
||||||
## - name: dind-cert
|
## - name: dind-sock
|
||||||
## emptyDir: {}
|
## emptyDir: {}
|
||||||
## - name: dind-externals
|
## - name: dind-externals
|
||||||
## emptyDir: {}
|
## emptyDir: {}
|
||||||
|
|||||||
@@ -8,6 +8,7 @@ import (
|
|||||||
"math"
|
"math"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
"github.com/actions/actions-runner-controller/cmd/githubrunnerscalesetlistener/config"
|
||||||
"github.com/actions/actions-runner-controller/github/actions"
|
"github.com/actions/actions-runner-controller/github/actions"
|
||||||
"github.com/go-logr/logr"
|
"github.com/go-logr/logr"
|
||||||
)
|
)
|
||||||
@@ -30,7 +31,7 @@ type Service struct {
|
|||||||
errs []error
|
errs []error
|
||||||
}
|
}
|
||||||
|
|
||||||
func WithPrometheusMetrics(conf RunnerScaleSetListenerConfig) func(*Service) {
|
func WithPrometheusMetrics(conf config.Config) func(*Service) {
|
||||||
return func(svc *Service) {
|
return func(svc *Service) {
|
||||||
parsedURL, err := actions.ParseGitHubConfigFromURL(conf.ConfigureUrl)
|
parsedURL, err := actions.ParseGitHubConfigFromURL(conf.ConfigureUrl)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@@ -81,6 +82,7 @@ func NewService(
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (s *Service) Start() error {
|
func (s *Service) Start() error {
|
||||||
|
s.metricsExporter.publishStatic(s.settings.MaxRunners, s.settings.MinRunners)
|
||||||
for {
|
for {
|
||||||
s.logger.Info("waiting for message...")
|
s.logger.Info("waiting for message...")
|
||||||
select {
|
select {
|
||||||
|
|||||||
76
cmd/githubrunnerscalesetlistener/config/config.go
Normal file
76
cmd/githubrunnerscalesetlistener/config/config.go
Normal file
@@ -0,0 +1,76 @@
|
|||||||
|
package config
|
||||||
|
|
||||||
|
import (
|
||||||
|
"encoding/json"
|
||||||
|
"fmt"
|
||||||
|
"os"
|
||||||
|
)
|
||||||
|
|
||||||
|
type Config struct {
|
||||||
|
ConfigureUrl string `json:"configureUrl"`
|
||||||
|
AppID int64 `json:"appID"`
|
||||||
|
AppInstallationID int64 `json:"appInstallationID"`
|
||||||
|
AppPrivateKey string `json:"appPrivateKey"`
|
||||||
|
Token string `json:"token"`
|
||||||
|
EphemeralRunnerSetNamespace string `json:"ephemeralRunnerSetNamespace"`
|
||||||
|
EphemeralRunnerSetName string `json:"ephemeralRunnerSetName"`
|
||||||
|
MaxRunners int `json:"maxRunners"`
|
||||||
|
MinRunners int `json:"minRunners"`
|
||||||
|
RunnerScaleSetId int `json:"runnerScaleSetId"`
|
||||||
|
RunnerScaleSetName string `json:"runnerScaleSetName"`
|
||||||
|
ServerRootCA string `json:"serverRootCA"`
|
||||||
|
LogLevel string `json:"logLevel"`
|
||||||
|
LogFormat string `json:"logFormat"`
|
||||||
|
MetricsAddr string `json:"metricsAddr"`
|
||||||
|
MetricsEndpoint string `json:"metricsEndpoint"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func Read(path string) (Config, error) {
|
||||||
|
f, err := os.Open(path)
|
||||||
|
if err != nil {
|
||||||
|
return Config{}, err
|
||||||
|
}
|
||||||
|
defer f.Close()
|
||||||
|
|
||||||
|
var config Config
|
||||||
|
if err := json.NewDecoder(f).Decode(&config); err != nil {
|
||||||
|
return Config{}, fmt.Errorf("failed to decode config: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := config.validate(); err != nil {
|
||||||
|
return Config{}, fmt.Errorf("failed to validate config: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
return config, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (c *Config) validate() error {
|
||||||
|
if len(c.ConfigureUrl) == 0 {
|
||||||
|
return fmt.Errorf("GitHubConfigUrl is not provided")
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(c.EphemeralRunnerSetNamespace) == 0 || len(c.EphemeralRunnerSetName) == 0 {
|
||||||
|
return fmt.Errorf("EphemeralRunnerSetNamespace '%s' or EphemeralRunnerSetName '%s' is missing", c.EphemeralRunnerSetNamespace, c.EphemeralRunnerSetName)
|
||||||
|
}
|
||||||
|
|
||||||
|
if c.RunnerScaleSetId == 0 {
|
||||||
|
return fmt.Errorf("RunnerScaleSetId '%d' is missing", c.RunnerScaleSetId)
|
||||||
|
}
|
||||||
|
|
||||||
|
if c.MaxRunners < c.MinRunners {
|
||||||
|
return fmt.Errorf("MinRunners '%d' cannot be greater than MaxRunners '%d'", c.MinRunners, c.MaxRunners)
|
||||||
|
}
|
||||||
|
|
||||||
|
hasToken := len(c.Token) > 0
|
||||||
|
hasPrivateKeyConfig := c.AppID > 0 && c.AppPrivateKey != ""
|
||||||
|
|
||||||
|
if !hasToken && !hasPrivateKeyConfig {
|
||||||
|
return fmt.Errorf("GitHub auth credential is missing, token length: '%d', appId: '%d', installationId: '%d', private key length: '%d", len(c.Token), c.AppID, c.AppInstallationID, len(c.AppPrivateKey))
|
||||||
|
}
|
||||||
|
|
||||||
|
if hasToken && hasPrivateKeyConfig {
|
||||||
|
return fmt.Errorf("only one GitHub auth method supported at a time. Have both PAT and App auth: token length: '%d', appId: '%d', installationId: '%d', private key length: '%d", len(c.Token), c.AppID, c.AppInstallationID, len(c.AppPrivateKey))
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
92
cmd/githubrunnerscalesetlistener/config/config_test.go
Normal file
92
cmd/githubrunnerscalesetlistener/config/config_test.go
Normal file
@@ -0,0 +1,92 @@
|
|||||||
|
package config
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"github.com/stretchr/testify/assert"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestConfigValidationMinMax(t *testing.T) {
|
||||||
|
config := &Config{
|
||||||
|
ConfigureUrl: "github.com/some_org/some_repo",
|
||||||
|
EphemeralRunnerSetNamespace: "namespace",
|
||||||
|
EphemeralRunnerSetName: "deployment",
|
||||||
|
RunnerScaleSetId: 1,
|
||||||
|
MinRunners: 5,
|
||||||
|
MaxRunners: 2,
|
||||||
|
Token: "token",
|
||||||
|
}
|
||||||
|
err := config.validate()
|
||||||
|
assert.ErrorContains(t, err, "MinRunners '5' cannot be greater than MaxRunners '2", "Expected error about MinRunners > MaxRunners")
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestConfigValidationMissingToken(t *testing.T) {
|
||||||
|
config := &Config{
|
||||||
|
ConfigureUrl: "github.com/some_org/some_repo",
|
||||||
|
EphemeralRunnerSetNamespace: "namespace",
|
||||||
|
EphemeralRunnerSetName: "deployment",
|
||||||
|
RunnerScaleSetId: 1,
|
||||||
|
}
|
||||||
|
err := config.validate()
|
||||||
|
expectedError := fmt.Sprintf("GitHub auth credential is missing, token length: '%d', appId: '%d', installationId: '%d', private key length: '%d", len(config.Token), config.AppID, config.AppInstallationID, len(config.AppPrivateKey))
|
||||||
|
assert.ErrorContains(t, err, expectedError, "Expected error about missing auth")
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestConfigValidationAppKey(t *testing.T) {
|
||||||
|
config := &Config{
|
||||||
|
AppID: 1,
|
||||||
|
AppInstallationID: 10,
|
||||||
|
ConfigureUrl: "github.com/some_org/some_repo",
|
||||||
|
EphemeralRunnerSetNamespace: "namespace",
|
||||||
|
EphemeralRunnerSetName: "deployment",
|
||||||
|
RunnerScaleSetId: 1,
|
||||||
|
}
|
||||||
|
err := config.validate()
|
||||||
|
expectedError := fmt.Sprintf("GitHub auth credential is missing, token length: '%d', appId: '%d', installationId: '%d', private key length: '%d", len(config.Token), config.AppID, config.AppInstallationID, len(config.AppPrivateKey))
|
||||||
|
assert.ErrorContains(t, err, expectedError, "Expected error about missing auth")
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestConfigValidationOnlyOneTypeOfCredentials(t *testing.T) {
|
||||||
|
config := &Config{
|
||||||
|
AppID: 1,
|
||||||
|
AppInstallationID: 10,
|
||||||
|
AppPrivateKey: "asdf",
|
||||||
|
Token: "asdf",
|
||||||
|
ConfigureUrl: "github.com/some_org/some_repo",
|
||||||
|
EphemeralRunnerSetNamespace: "namespace",
|
||||||
|
EphemeralRunnerSetName: "deployment",
|
||||||
|
RunnerScaleSetId: 1,
|
||||||
|
}
|
||||||
|
err := config.validate()
|
||||||
|
expectedError := fmt.Sprintf("only one GitHub auth method supported at a time. Have both PAT and App auth: token length: '%d', appId: '%d', installationId: '%d', private key length: '%d", len(config.Token), config.AppID, config.AppInstallationID, len(config.AppPrivateKey))
|
||||||
|
assert.ErrorContains(t, err, expectedError, "Expected error about missing auth")
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestConfigValidation(t *testing.T) {
|
||||||
|
config := &Config{
|
||||||
|
ConfigureUrl: "https://github.com/actions",
|
||||||
|
EphemeralRunnerSetNamespace: "namespace",
|
||||||
|
EphemeralRunnerSetName: "deployment",
|
||||||
|
RunnerScaleSetId: 1,
|
||||||
|
MinRunners: 1,
|
||||||
|
MaxRunners: 5,
|
||||||
|
Token: "asdf",
|
||||||
|
}
|
||||||
|
|
||||||
|
err := config.validate()
|
||||||
|
|
||||||
|
assert.NoError(t, err, "Expected no error")
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestConfigValidationConfigUrl(t *testing.T) {
|
||||||
|
config := &Config{
|
||||||
|
EphemeralRunnerSetNamespace: "namespace",
|
||||||
|
EphemeralRunnerSetName: "deployment",
|
||||||
|
RunnerScaleSetId: 1,
|
||||||
|
}
|
||||||
|
|
||||||
|
err := config.validate()
|
||||||
|
|
||||||
|
assert.ErrorContains(t, err, "GitHubConfigUrl is not provided", "Expected error about missing ConfigureUrl")
|
||||||
|
}
|
||||||
@@ -28,39 +28,26 @@ import (
|
|||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/actions/actions-runner-controller/build"
|
"github.com/actions/actions-runner-controller/build"
|
||||||
|
"github.com/actions/actions-runner-controller/cmd/githubrunnerscalesetlistener/config"
|
||||||
"github.com/actions/actions-runner-controller/github/actions"
|
"github.com/actions/actions-runner-controller/github/actions"
|
||||||
"github.com/actions/actions-runner-controller/logging"
|
"github.com/actions/actions-runner-controller/logging"
|
||||||
"github.com/go-logr/logr"
|
"github.com/go-logr/logr"
|
||||||
"github.com/kelseyhightower/envconfig"
|
|
||||||
"github.com/prometheus/client_golang/prometheus"
|
"github.com/prometheus/client_golang/prometheus"
|
||||||
"github.com/prometheus/client_golang/prometheus/promhttp"
|
"github.com/prometheus/client_golang/prometheus/promhttp"
|
||||||
"golang.org/x/net/http/httpproxy"
|
"golang.org/x/net/http/httpproxy"
|
||||||
"golang.org/x/sync/errgroup"
|
"golang.org/x/sync/errgroup"
|
||||||
)
|
)
|
||||||
|
|
||||||
type RunnerScaleSetListenerConfig struct {
|
|
||||||
ConfigureUrl string `split_words:"true"`
|
|
||||||
AppID int64 `split_words:"true"`
|
|
||||||
AppInstallationID int64 `split_words:"true"`
|
|
||||||
AppPrivateKey string `split_words:"true"`
|
|
||||||
Token string `split_words:"true"`
|
|
||||||
EphemeralRunnerSetNamespace string `split_words:"true"`
|
|
||||||
EphemeralRunnerSetName string `split_words:"true"`
|
|
||||||
MaxRunners int `split_words:"true"`
|
|
||||||
MinRunners int `split_words:"true"`
|
|
||||||
RunnerScaleSetId int `split_words:"true"`
|
|
||||||
RunnerScaleSetName string `split_words:"true"`
|
|
||||||
ServerRootCA string `split_words:"true"`
|
|
||||||
LogLevel string `split_words:"true"`
|
|
||||||
LogFormat string `split_words:"true"`
|
|
||||||
MetricsAddr string `split_words:"true"`
|
|
||||||
MetricsEndpoint string `split_words:"true"`
|
|
||||||
}
|
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
var rc RunnerScaleSetListenerConfig
|
configPath, ok := os.LookupEnv("LISTENER_CONFIG_PATH")
|
||||||
if err := envconfig.Process("github", &rc); err != nil {
|
if !ok {
|
||||||
fmt.Fprintf(os.Stderr, "Error: processing environment variables for RunnerScaleSetListenerConfig: %v\n", err)
|
fmt.Fprintf(os.Stderr, "Error: LISTENER_CONFIG_PATH environment variable is not set\n")
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
|
||||||
|
rc, err := config.Read(configPath)
|
||||||
|
if err != nil {
|
||||||
|
fmt.Fprintf(os.Stderr, "Error: reading config from path(%q): %v\n", configPath, err)
|
||||||
os.Exit(1)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -80,12 +67,6 @@ func main() {
|
|||||||
os.Exit(1)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Validate all inputs
|
|
||||||
if err := validateConfig(&rc); err != nil {
|
|
||||||
logger.Error(err, "Inputs validation failed")
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
|
|
||||||
ctx, stop := signal.NotifyContext(context.Background(), syscall.SIGINT, syscall.SIGTERM)
|
ctx, stop := signal.NotifyContext(context.Background(), syscall.SIGINT, syscall.SIGTERM)
|
||||||
defer stop()
|
defer stop()
|
||||||
|
|
||||||
@@ -123,7 +104,7 @@ func main() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
type metricsServer struct {
|
type metricsServer struct {
|
||||||
rc RunnerScaleSetListenerConfig
|
rc config.Config
|
||||||
logger logr.Logger
|
logger logr.Logger
|
||||||
srv *http.Server
|
srv *http.Server
|
||||||
}
|
}
|
||||||
@@ -173,7 +154,7 @@ type runOptions struct {
|
|||||||
serviceOptions []func(*Service)
|
serviceOptions []func(*Service)
|
||||||
}
|
}
|
||||||
|
|
||||||
func run(ctx context.Context, rc RunnerScaleSetListenerConfig, logger logr.Logger, opts runOptions) error {
|
func run(ctx context.Context, rc config.Config, logger logr.Logger, opts runOptions) error {
|
||||||
// Create root context and hook with sigint and sigterm
|
// Create root context and hook with sigint and sigterm
|
||||||
creds := &actions.ActionsAuth{}
|
creds := &actions.ActionsAuth{}
|
||||||
if rc.Token != "" {
|
if rc.Token != "" {
|
||||||
@@ -232,38 +213,7 @@ func run(ctx context.Context, rc RunnerScaleSetListenerConfig, logger logr.Logge
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func validateConfig(config *RunnerScaleSetListenerConfig) error {
|
func newActionsClientFromConfig(config config.Config, creds *actions.ActionsAuth, options ...actions.ClientOption) (*actions.Client, error) {
|
||||||
if len(config.ConfigureUrl) == 0 {
|
|
||||||
return fmt.Errorf("GitHubConfigUrl is not provided")
|
|
||||||
}
|
|
||||||
|
|
||||||
if len(config.EphemeralRunnerSetNamespace) == 0 || len(config.EphemeralRunnerSetName) == 0 {
|
|
||||||
return fmt.Errorf("EphemeralRunnerSetNamespace '%s' or EphemeralRunnerSetName '%s' is missing", config.EphemeralRunnerSetNamespace, config.EphemeralRunnerSetName)
|
|
||||||
}
|
|
||||||
|
|
||||||
if config.RunnerScaleSetId == 0 {
|
|
||||||
return fmt.Errorf("RunnerScaleSetId '%d' is missing", config.RunnerScaleSetId)
|
|
||||||
}
|
|
||||||
|
|
||||||
if config.MaxRunners < config.MinRunners {
|
|
||||||
return fmt.Errorf("MinRunners '%d' cannot be greater than MaxRunners '%d'", config.MinRunners, config.MaxRunners)
|
|
||||||
}
|
|
||||||
|
|
||||||
hasToken := len(config.Token) > 0
|
|
||||||
hasPrivateKeyConfig := config.AppID > 0 && config.AppPrivateKey != ""
|
|
||||||
|
|
||||||
if !hasToken && !hasPrivateKeyConfig {
|
|
||||||
return fmt.Errorf("GitHub auth credential is missing, token length: '%d', appId: '%d', installationId: '%d', private key length: '%d", len(config.Token), config.AppID, config.AppInstallationID, len(config.AppPrivateKey))
|
|
||||||
}
|
|
||||||
|
|
||||||
if hasToken && hasPrivateKeyConfig {
|
|
||||||
return fmt.Errorf("only one GitHub auth method supported at a time. Have both PAT and App auth: token length: '%d', appId: '%d', installationId: '%d', private key length: '%d", len(config.Token), config.AppID, config.AppInstallationID, len(config.AppPrivateKey))
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func newActionsClientFromConfig(config RunnerScaleSetListenerConfig, creds *actions.ActionsAuth, options ...actions.ClientOption) (*actions.Client, error) {
|
|
||||||
if config.ServerRootCA != "" {
|
if config.ServerRootCA != "" {
|
||||||
systemPool, err := x509.SystemCertPool()
|
systemPool, err := x509.SystemCertPool()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|||||||
@@ -3,7 +3,6 @@ package main
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"crypto/tls"
|
"crypto/tls"
|
||||||
"fmt"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/http/httptest"
|
"net/http/httptest"
|
||||||
"os"
|
"os"
|
||||||
@@ -13,94 +12,11 @@ import (
|
|||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
||||||
|
"github.com/actions/actions-runner-controller/cmd/githubrunnerscalesetlistener/config"
|
||||||
"github.com/actions/actions-runner-controller/github/actions"
|
"github.com/actions/actions-runner-controller/github/actions"
|
||||||
"github.com/actions/actions-runner-controller/github/actions/testserver"
|
"github.com/actions/actions-runner-controller/github/actions/testserver"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestConfigValidationMinMax(t *testing.T) {
|
|
||||||
config := &RunnerScaleSetListenerConfig{
|
|
||||||
ConfigureUrl: "github.com/some_org/some_repo",
|
|
||||||
EphemeralRunnerSetNamespace: "namespace",
|
|
||||||
EphemeralRunnerSetName: "deployment",
|
|
||||||
RunnerScaleSetId: 1,
|
|
||||||
MinRunners: 5,
|
|
||||||
MaxRunners: 2,
|
|
||||||
Token: "token",
|
|
||||||
}
|
|
||||||
err := validateConfig(config)
|
|
||||||
assert.ErrorContains(t, err, "MinRunners '5' cannot be greater than MaxRunners '2", "Expected error about MinRunners > MaxRunners")
|
|
||||||
}
|
|
||||||
|
|
||||||
func TestConfigValidationMissingToken(t *testing.T) {
|
|
||||||
config := &RunnerScaleSetListenerConfig{
|
|
||||||
ConfigureUrl: "github.com/some_org/some_repo",
|
|
||||||
EphemeralRunnerSetNamespace: "namespace",
|
|
||||||
EphemeralRunnerSetName: "deployment",
|
|
||||||
RunnerScaleSetId: 1,
|
|
||||||
}
|
|
||||||
err := validateConfig(config)
|
|
||||||
expectedError := fmt.Sprintf("GitHub auth credential is missing, token length: '%d', appId: '%d', installationId: '%d', private key length: '%d", len(config.Token), config.AppID, config.AppInstallationID, len(config.AppPrivateKey))
|
|
||||||
assert.ErrorContains(t, err, expectedError, "Expected error about missing auth")
|
|
||||||
}
|
|
||||||
|
|
||||||
func TestConfigValidationAppKey(t *testing.T) {
|
|
||||||
config := &RunnerScaleSetListenerConfig{
|
|
||||||
AppID: 1,
|
|
||||||
AppInstallationID: 10,
|
|
||||||
ConfigureUrl: "github.com/some_org/some_repo",
|
|
||||||
EphemeralRunnerSetNamespace: "namespace",
|
|
||||||
EphemeralRunnerSetName: "deployment",
|
|
||||||
RunnerScaleSetId: 1,
|
|
||||||
}
|
|
||||||
err := validateConfig(config)
|
|
||||||
expectedError := fmt.Sprintf("GitHub auth credential is missing, token length: '%d', appId: '%d', installationId: '%d', private key length: '%d", len(config.Token), config.AppID, config.AppInstallationID, len(config.AppPrivateKey))
|
|
||||||
assert.ErrorContains(t, err, expectedError, "Expected error about missing auth")
|
|
||||||
}
|
|
||||||
|
|
||||||
func TestConfigValidationOnlyOneTypeOfCredentials(t *testing.T) {
|
|
||||||
config := &RunnerScaleSetListenerConfig{
|
|
||||||
AppID: 1,
|
|
||||||
AppInstallationID: 10,
|
|
||||||
AppPrivateKey: "asdf",
|
|
||||||
Token: "asdf",
|
|
||||||
ConfigureUrl: "github.com/some_org/some_repo",
|
|
||||||
EphemeralRunnerSetNamespace: "namespace",
|
|
||||||
EphemeralRunnerSetName: "deployment",
|
|
||||||
RunnerScaleSetId: 1,
|
|
||||||
}
|
|
||||||
err := validateConfig(config)
|
|
||||||
expectedError := fmt.Sprintf("only one GitHub auth method supported at a time. Have both PAT and App auth: token length: '%d', appId: '%d', installationId: '%d', private key length: '%d", len(config.Token), config.AppID, config.AppInstallationID, len(config.AppPrivateKey))
|
|
||||||
assert.ErrorContains(t, err, expectedError, "Expected error about missing auth")
|
|
||||||
}
|
|
||||||
|
|
||||||
func TestConfigValidation(t *testing.T) {
|
|
||||||
config := &RunnerScaleSetListenerConfig{
|
|
||||||
ConfigureUrl: "https://github.com/actions",
|
|
||||||
EphemeralRunnerSetNamespace: "namespace",
|
|
||||||
EphemeralRunnerSetName: "deployment",
|
|
||||||
RunnerScaleSetId: 1,
|
|
||||||
MinRunners: 1,
|
|
||||||
MaxRunners: 5,
|
|
||||||
Token: "asdf",
|
|
||||||
}
|
|
||||||
|
|
||||||
err := validateConfig(config)
|
|
||||||
|
|
||||||
assert.NoError(t, err, "Expected no error")
|
|
||||||
}
|
|
||||||
|
|
||||||
func TestConfigValidationConfigUrl(t *testing.T) {
|
|
||||||
config := &RunnerScaleSetListenerConfig{
|
|
||||||
EphemeralRunnerSetNamespace: "namespace",
|
|
||||||
EphemeralRunnerSetName: "deployment",
|
|
||||||
RunnerScaleSetId: 1,
|
|
||||||
}
|
|
||||||
|
|
||||||
err := validateConfig(config)
|
|
||||||
|
|
||||||
assert.ErrorContains(t, err, "GitHubConfigUrl is not provided", "Expected error about missing ConfigureUrl")
|
|
||||||
}
|
|
||||||
|
|
||||||
func TestCustomerServerRootCA(t *testing.T) {
|
func TestCustomerServerRootCA(t *testing.T) {
|
||||||
ctx := context.Background()
|
ctx := context.Background()
|
||||||
certsFolder := filepath.Join(
|
certsFolder := filepath.Join(
|
||||||
@@ -134,7 +50,7 @@ func TestCustomerServerRootCA(t *testing.T) {
|
|||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
certsString = certsString + string(intermediate)
|
certsString = certsString + string(intermediate)
|
||||||
|
|
||||||
config := RunnerScaleSetListenerConfig{
|
config := config.Config{
|
||||||
ConfigureUrl: server.ConfigURLForOrg("myorg"),
|
ConfigureUrl: server.ConfigURLForOrg("myorg"),
|
||||||
ServerRootCA: certsString,
|
ServerRootCA: certsString,
|
||||||
}
|
}
|
||||||
@@ -164,7 +80,7 @@ func TestProxySettings(t *testing.T) {
|
|||||||
os.Setenv("http_proxy", proxy.URL)
|
os.Setenv("http_proxy", proxy.URL)
|
||||||
defer os.Setenv("http_proxy", prevProxy)
|
defer os.Setenv("http_proxy", prevProxy)
|
||||||
|
|
||||||
config := RunnerScaleSetListenerConfig{
|
config := config.Config{
|
||||||
ConfigureUrl: "https://github.com/org/repo",
|
ConfigureUrl: "https://github.com/org/repo",
|
||||||
}
|
}
|
||||||
creds := &actions.ActionsAuth{
|
creds := &actions.ActionsAuth{
|
||||||
@@ -196,7 +112,7 @@ func TestProxySettings(t *testing.T) {
|
|||||||
os.Setenv("https_proxy", proxy.URL)
|
os.Setenv("https_proxy", proxy.URL)
|
||||||
defer os.Setenv("https_proxy", prevProxy)
|
defer os.Setenv("https_proxy", prevProxy)
|
||||||
|
|
||||||
config := RunnerScaleSetListenerConfig{
|
config := config.Config{
|
||||||
ConfigureUrl: "https://github.com/org/repo",
|
ConfigureUrl: "https://github.com/org/repo",
|
||||||
}
|
}
|
||||||
creds := &actions.ActionsAuth{
|
creds := &actions.ActionsAuth{
|
||||||
@@ -233,7 +149,7 @@ func TestProxySettings(t *testing.T) {
|
|||||||
os.Setenv("no_proxy", "example.com")
|
os.Setenv("no_proxy", "example.com")
|
||||||
defer os.Setenv("no_proxy", prevNoProxy)
|
defer os.Setenv("no_proxy", prevNoProxy)
|
||||||
|
|
||||||
config := RunnerScaleSetListenerConfig{
|
config := config.Config{
|
||||||
ConfigureUrl: "https://github.com/org/repo",
|
ConfigureUrl: "https://github.com/org/repo",
|
||||||
}
|
}
|
||||||
creds := &actions.ActionsAuth{
|
creds := &actions.ActionsAuth{
|
||||||
|
|||||||
@@ -1,8 +1,6 @@
|
|||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"strconv"
|
|
||||||
|
|
||||||
"github.com/actions/actions-runner-controller/github/actions"
|
"github.com/actions/actions-runner-controller/github/actions"
|
||||||
"github.com/prometheus/client_golang/prometheus"
|
"github.com/prometheus/client_golang/prometheus"
|
||||||
)
|
)
|
||||||
@@ -18,8 +16,6 @@ const (
|
|||||||
labelKeyJobWorkflowRef = "job_workflow_ref"
|
labelKeyJobWorkflowRef = "job_workflow_ref"
|
||||||
labelKeyEventName = "event_name"
|
labelKeyEventName = "event_name"
|
||||||
labelKeyJobResult = "job_result"
|
labelKeyJobResult = "job_result"
|
||||||
labelKeyRunnerID = "runner_id"
|
|
||||||
labelKeyRunnerName = "runner_name"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
const githubScaleSetSubsystem = "gha"
|
const githubScaleSetSubsystem = "gha"
|
||||||
@@ -43,10 +39,15 @@ var (
|
|||||||
labelKeyEventName,
|
labelKeyEventName,
|
||||||
}
|
}
|
||||||
|
|
||||||
completedJobsTotalLabels = append(jobLabels, labelKeyJobResult, labelKeyRunnerID, labelKeyRunnerName)
|
completedJobsTotalLabels = append(jobLabels, labelKeyJobResult)
|
||||||
jobExecutionDurationLabels = append(jobLabels, labelKeyJobResult, labelKeyRunnerID, labelKeyRunnerName)
|
jobExecutionDurationLabels = append(jobLabels, labelKeyJobResult)
|
||||||
startedJobsTotalLabels = append(jobLabels, labelKeyRunnerID, labelKeyRunnerName)
|
startedJobsTotalLabels = jobLabels
|
||||||
jobStartupDurationLabels = append(jobLabels, labelKeyRunnerID, labelKeyRunnerName)
|
jobStartupDurationLabels = []string{
|
||||||
|
labelKeyRepository,
|
||||||
|
labelKeyOrganization,
|
||||||
|
labelKeyEnterprise,
|
||||||
|
labelKeyEventName,
|
||||||
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
// metrics
|
// metrics
|
||||||
@@ -274,23 +275,34 @@ func (b *baseLabels) scaleSetLabels() prometheus.Labels {
|
|||||||
|
|
||||||
func (b *baseLabels) completedJobLabels(msg *actions.JobCompleted) prometheus.Labels {
|
func (b *baseLabels) completedJobLabels(msg *actions.JobCompleted) prometheus.Labels {
|
||||||
l := b.jobLabels(&msg.JobMessageBase)
|
l := b.jobLabels(&msg.JobMessageBase)
|
||||||
l[labelKeyRunnerID] = strconv.Itoa(msg.RunnerId)
|
|
||||||
l[labelKeyJobResult] = msg.Result
|
l[labelKeyJobResult] = msg.Result
|
||||||
l[labelKeyRunnerName] = msg.RunnerName
|
|
||||||
return l
|
return l
|
||||||
}
|
}
|
||||||
|
|
||||||
func (b *baseLabels) startedJobLabels(msg *actions.JobStarted) prometheus.Labels {
|
func (b *baseLabels) startedJobLabels(msg *actions.JobStarted) prometheus.Labels {
|
||||||
l := b.jobLabels(&msg.JobMessageBase)
|
l := b.jobLabels(&msg.JobMessageBase)
|
||||||
l[labelKeyRunnerID] = strconv.Itoa(msg.RunnerId)
|
|
||||||
l[labelKeyRunnerName] = msg.RunnerName
|
|
||||||
return l
|
return l
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (b *baseLabels) jobStartupDurationLabels(msg *actions.JobStarted) prometheus.Labels {
|
||||||
|
return prometheus.Labels{
|
||||||
|
labelKeyEnterprise: b.enterprise,
|
||||||
|
labelKeyOrganization: b.organization,
|
||||||
|
labelKeyRepository: b.repository,
|
||||||
|
labelKeyEventName: msg.EventName,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func (m *metricsExporter) withBaseLabels(base baseLabels) {
|
func (m *metricsExporter) withBaseLabels(base baseLabels) {
|
||||||
m.baseLabels = base
|
m.baseLabels = base
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (m *metricsExporter) publishStatic(max, min int) {
|
||||||
|
l := m.scaleSetLabels()
|
||||||
|
maxRunners.With(l).Set(float64(max))
|
||||||
|
minRunners.With(l).Set(float64(min))
|
||||||
|
}
|
||||||
|
|
||||||
func (m *metricsExporter) publishStatistics(stats *actions.RunnerScaleSetStatistic) {
|
func (m *metricsExporter) publishStatistics(stats *actions.RunnerScaleSetStatistic) {
|
||||||
l := m.scaleSetLabels()
|
l := m.scaleSetLabels()
|
||||||
|
|
||||||
@@ -307,6 +319,7 @@ func (m *metricsExporter) publishJobStarted(msg *actions.JobStarted) {
|
|||||||
l := m.startedJobLabels(msg)
|
l := m.startedJobLabels(msg)
|
||||||
startedJobsTotal.With(l).Inc()
|
startedJobsTotal.With(l).Inc()
|
||||||
|
|
||||||
|
l = m.jobStartupDurationLabels(msg)
|
||||||
startupDuration := msg.JobMessageBase.RunnerAssignTime.Unix() - msg.JobMessageBase.ScaleSetAssignTime.Unix()
|
startupDuration := msg.JobMessageBase.RunnerAssignTime.Unix() - msg.JobMessageBase.ScaleSetAssignTime.Unix()
|
||||||
jobStartupDurationSeconds.With(l).Observe(float64(startupDuration))
|
jobStartupDurationSeconds.With(l).Observe(float64(startupDuration))
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -39,6 +39,9 @@ import (
|
|||||||
_ "k8s.io/client-go/plugin/pkg/client/auth/gcp"
|
_ "k8s.io/client-go/plugin/pkg/client/auth/gcp"
|
||||||
_ "k8s.io/client-go/plugin/pkg/client/auth/oidc"
|
_ "k8s.io/client-go/plugin/pkg/client/auth/oidc"
|
||||||
ctrl "sigs.k8s.io/controller-runtime"
|
ctrl "sigs.k8s.io/controller-runtime"
|
||||||
|
"sigs.k8s.io/controller-runtime/pkg/cache"
|
||||||
|
metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
|
||||||
|
"sigs.k8s.io/controller-runtime/pkg/webhook"
|
||||||
// +kubebuilder:scaffold:imports
|
// +kubebuilder:scaffold:imports
|
||||||
)
|
)
|
||||||
|
|
||||||
@@ -149,11 +152,19 @@ func main() {
|
|||||||
|
|
||||||
syncPeriod := 10 * time.Minute
|
syncPeriod := 10 * time.Minute
|
||||||
mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
|
mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
|
||||||
Scheme: scheme,
|
Scheme: scheme,
|
||||||
SyncPeriod: &syncPeriod,
|
Cache: cache.Options{
|
||||||
Namespace: watchNamespace,
|
SyncPeriod: &syncPeriod,
|
||||||
MetricsBindAddress: metricsAddr,
|
DefaultNamespaces: map[string]cache.Config{
|
||||||
Port: 9443,
|
watchNamespace: {},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Metrics: metricsserver.Options{
|
||||||
|
BindAddress: metricsAddr,
|
||||||
|
},
|
||||||
|
WebhookServer: webhook.NewServer(webhook.Options{
|
||||||
|
Port: 9443,
|
||||||
|
}),
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger.Error(err, "unable to start manager")
|
logger.Error(err, "unable to start manager")
|
||||||
|
|||||||
@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
metadata:
|
metadata:
|
||||||
annotations:
|
annotations:
|
||||||
controller-gen.kubebuilder.io/version: v0.11.3
|
controller-gen.kubebuilder.io/version: v0.13.0
|
||||||
creationTimestamp: null
|
|
||||||
name: autoscalinglisteners.actions.github.com
|
name: autoscalinglisteners.actions.github.com
|
||||||
spec:
|
spec:
|
||||||
group: actions.github.com
|
group: actions.github.com
|
||||||
@@ -796,7 +795,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -861,7 +860,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -920,7 +919,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -944,7 +943,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1056,7 +1055,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1080,7 +1079,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1141,11 +1140,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1175,9 +1191,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -1240,7 +1259,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -1258,7 +1277,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -1282,7 +1301,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1306,7 +1325,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1629,7 +1648,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1694,7 +1713,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1753,7 +1772,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1777,7 +1796,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1889,7 +1908,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1913,7 +1932,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1974,11 +1993,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -2008,9 +2044,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
||||||
properties:
|
properties:
|
||||||
@@ -2073,7 +2112,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2091,7 +2130,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2115,7 +2154,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2139,7 +2178,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2474,7 +2513,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2539,7 +2578,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2598,7 +2637,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2622,7 +2661,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2734,7 +2773,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2758,7 +2797,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2819,11 +2858,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -2853,9 +2909,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -2918,7 +2977,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2936,7 +2995,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2960,7 +3019,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2984,7 +3043,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3175,7 +3234,7 @@ spec:
|
|||||||
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
||||||
type: string
|
type: string
|
||||||
resourceClaimTemplateName:
|
resourceClaimTemplateName:
|
||||||
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be <pod name>-<resource name>, where <resource name> is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). \n An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
@@ -3186,7 +3245,7 @@ spec:
|
|||||||
- name
|
- name
|
||||||
x-kubernetes-list-type: map
|
x-kubernetes-list-type: map
|
||||||
restartPolicy:
|
restartPolicy:
|
||||||
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
||||||
type: string
|
type: string
|
||||||
runtimeClassName:
|
runtimeClassName:
|
||||||
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
||||||
@@ -3195,7 +3254,7 @@ spec:
|
|||||||
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
||||||
type: string
|
type: string
|
||||||
schedulingGates:
|
schedulingGates:
|
||||||
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. More info: https://git.k8s.io/enhancements/keps/sig-scheduling/3521-pod-scheduling-readiness. \n This is an alpha-level feature enabled by PodSchedulingReadiness feature gate."
|
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. \n SchedulingGates can only be set at pod creation time, and be removed only afterwards. \n This is a beta feature enabled by the PodSchedulingReadiness feature gate."
|
||||||
items:
|
items:
|
||||||
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
||||||
properties:
|
properties:
|
||||||
@@ -3250,7 +3309,7 @@ spec:
|
|||||||
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -3290,7 +3349,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -3376,7 +3435,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
x-kubernetes-map-type: atomic
|
x-kubernetes-map-type: atomic
|
||||||
matchLabelKeys:
|
matchLabelKeys:
|
||||||
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
|
description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
@@ -3660,7 +3719,7 @@ spec:
|
|||||||
anyOf:
|
anyOf:
|
||||||
- type: integer
|
- type: integer
|
||||||
- type: string
|
- type: string
|
||||||
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
|
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
type: object
|
type: object
|
||||||
@@ -3738,7 +3797,7 @@ spec:
|
|||||||
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -3768,7 +3827,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
selector:
|
selector:
|
||||||
|
|||||||
@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
metadata:
|
metadata:
|
||||||
annotations:
|
annotations:
|
||||||
controller-gen.kubebuilder.io/version: v0.11.3
|
controller-gen.kubebuilder.io/version: v0.13.0
|
||||||
creationTimestamp: null
|
|
||||||
name: autoscalingrunnersets.actions.github.com
|
name: autoscalingrunnersets.actions.github.com
|
||||||
spec:
|
spec:
|
||||||
group: actions.github.com
|
group: actions.github.com
|
||||||
@@ -754,7 +753,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -819,7 +818,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -878,7 +877,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -902,7 +901,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1014,7 +1013,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1038,7 +1037,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1099,11 +1098,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1133,9 +1149,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -1198,7 +1217,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -1216,7 +1235,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -1240,7 +1259,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1264,7 +1283,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1587,7 +1606,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1652,7 +1671,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1711,7 +1730,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1735,7 +1754,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1847,7 +1866,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1871,7 +1890,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1932,11 +1951,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1966,9 +2002,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
||||||
properties:
|
properties:
|
||||||
@@ -2031,7 +2070,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2049,7 +2088,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2073,7 +2112,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2097,7 +2136,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2432,7 +2471,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2497,7 +2536,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2556,7 +2595,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2580,7 +2619,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2692,7 +2731,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2716,7 +2755,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2777,11 +2816,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -2811,9 +2867,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -2876,7 +2935,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2894,7 +2953,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2918,7 +2977,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2942,7 +3001,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3133,7 +3192,7 @@ spec:
|
|||||||
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
||||||
type: string
|
type: string
|
||||||
resourceClaimTemplateName:
|
resourceClaimTemplateName:
|
||||||
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be <pod name>-<resource name>, where <resource name> is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). \n An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
@@ -3144,7 +3203,7 @@ spec:
|
|||||||
- name
|
- name
|
||||||
x-kubernetes-list-type: map
|
x-kubernetes-list-type: map
|
||||||
restartPolicy:
|
restartPolicy:
|
||||||
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
||||||
type: string
|
type: string
|
||||||
runtimeClassName:
|
runtimeClassName:
|
||||||
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
||||||
@@ -3153,7 +3212,7 @@ spec:
|
|||||||
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
||||||
type: string
|
type: string
|
||||||
schedulingGates:
|
schedulingGates:
|
||||||
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. More info: https://git.k8s.io/enhancements/keps/sig-scheduling/3521-pod-scheduling-readiness. \n This is an alpha-level feature enabled by PodSchedulingReadiness feature gate."
|
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. \n SchedulingGates can only be set at pod creation time, and be removed only afterwards. \n This is a beta feature enabled by the PodSchedulingReadiness feature gate."
|
||||||
items:
|
items:
|
||||||
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
||||||
properties:
|
properties:
|
||||||
@@ -3208,7 +3267,7 @@ spec:
|
|||||||
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -3248,7 +3307,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -3334,7 +3393,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
x-kubernetes-map-type: atomic
|
x-kubernetes-map-type: atomic
|
||||||
matchLabelKeys:
|
matchLabelKeys:
|
||||||
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
|
description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
@@ -3618,7 +3677,7 @@ spec:
|
|||||||
anyOf:
|
anyOf:
|
||||||
- type: integer
|
- type: integer
|
||||||
- type: string
|
- type: string
|
||||||
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
|
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
type: object
|
type: object
|
||||||
@@ -3696,7 +3755,7 @@ spec:
|
|||||||
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -3726,7 +3785,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
selector:
|
selector:
|
||||||
@@ -5043,7 +5102,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -5108,7 +5167,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -5167,7 +5226,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -5191,7 +5250,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -5303,7 +5362,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -5327,7 +5386,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -5388,11 +5447,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -5419,9 +5495,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -5484,7 +5563,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -5502,7 +5581,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -5526,7 +5605,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -5550,7 +5629,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -5873,7 +5952,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -5938,7 +6017,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -5997,7 +6076,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -6021,7 +6100,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -6133,7 +6212,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -6157,7 +6236,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -6218,11 +6297,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -6249,9 +6345,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
||||||
properties:
|
properties:
|
||||||
@@ -6314,7 +6413,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -6332,7 +6431,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -6356,7 +6455,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -6380,7 +6479,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -6715,7 +6814,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -6780,7 +6879,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -6839,7 +6938,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -6863,7 +6962,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -6975,7 +7074,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -6999,7 +7098,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -7060,11 +7159,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -7091,9 +7207,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -7156,7 +7275,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -7174,7 +7293,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -7198,7 +7317,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -7222,7 +7341,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -7413,7 +7532,7 @@ spec:
|
|||||||
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
||||||
type: string
|
type: string
|
||||||
resourceClaimTemplateName:
|
resourceClaimTemplateName:
|
||||||
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be <pod name>-<resource name>, where <resource name> is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). \n An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
@@ -7424,7 +7543,7 @@ spec:
|
|||||||
- name
|
- name
|
||||||
x-kubernetes-list-type: map
|
x-kubernetes-list-type: map
|
||||||
restartPolicy:
|
restartPolicy:
|
||||||
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
||||||
type: string
|
type: string
|
||||||
runtimeClassName:
|
runtimeClassName:
|
||||||
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
||||||
@@ -7433,7 +7552,7 @@ spec:
|
|||||||
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
||||||
type: string
|
type: string
|
||||||
schedulingGates:
|
schedulingGates:
|
||||||
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. More info: https://git.k8s.io/enhancements/keps/sig-scheduling/3521-pod-scheduling-readiness. \n This is an alpha-level feature enabled by PodSchedulingReadiness feature gate."
|
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. \n SchedulingGates can only be set at pod creation time, and be removed only afterwards. \n This is a beta feature enabled by the PodSchedulingReadiness feature gate."
|
||||||
items:
|
items:
|
||||||
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
||||||
properties:
|
properties:
|
||||||
@@ -7488,7 +7607,7 @@ spec:
|
|||||||
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -7528,7 +7647,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -7614,7 +7733,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
x-kubernetes-map-type: atomic
|
x-kubernetes-map-type: atomic
|
||||||
matchLabelKeys:
|
matchLabelKeys:
|
||||||
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
|
description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
@@ -7898,7 +8017,7 @@ spec:
|
|||||||
anyOf:
|
anyOf:
|
||||||
- type: integer
|
- type: integer
|
||||||
- type: string
|
- type: string
|
||||||
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
|
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
type: object
|
type: object
|
||||||
@@ -7976,7 +8095,7 @@ spec:
|
|||||||
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -8003,7 +8122,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
selector:
|
selector:
|
||||||
|
|||||||
@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
metadata:
|
metadata:
|
||||||
annotations:
|
annotations:
|
||||||
controller-gen.kubebuilder.io/version: v0.11.3
|
controller-gen.kubebuilder.io/version: v0.13.0
|
||||||
creationTimestamp: null
|
|
||||||
name: ephemeralrunners.actions.github.com
|
name: ephemeralrunners.actions.github.com
|
||||||
spec:
|
spec:
|
||||||
group: actions.github.com
|
group: actions.github.com
|
||||||
@@ -779,7 +778,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -844,7 +843,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -903,7 +902,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -927,7 +926,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1039,7 +1038,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1063,7 +1062,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1124,11 +1123,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1155,9 +1171,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -1220,7 +1239,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -1238,7 +1257,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -1262,7 +1281,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1286,7 +1305,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1609,7 +1628,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1674,7 +1693,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1733,7 +1752,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1757,7 +1776,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1869,7 +1888,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1893,7 +1912,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1954,11 +1973,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1985,9 +2021,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
||||||
properties:
|
properties:
|
||||||
@@ -2050,7 +2089,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2068,7 +2107,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2092,7 +2131,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2116,7 +2155,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2451,7 +2490,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2516,7 +2555,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2575,7 +2614,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2599,7 +2638,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2711,7 +2750,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2735,7 +2774,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2796,11 +2835,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -2827,9 +2883,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -2892,7 +2951,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2910,7 +2969,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2934,7 +2993,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2958,7 +3017,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3149,7 +3208,7 @@ spec:
|
|||||||
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
||||||
type: string
|
type: string
|
||||||
resourceClaimTemplateName:
|
resourceClaimTemplateName:
|
||||||
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be <pod name>-<resource name>, where <resource name> is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). \n An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
@@ -3160,7 +3219,7 @@ spec:
|
|||||||
- name
|
- name
|
||||||
x-kubernetes-list-type: map
|
x-kubernetes-list-type: map
|
||||||
restartPolicy:
|
restartPolicy:
|
||||||
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
||||||
type: string
|
type: string
|
||||||
runtimeClassName:
|
runtimeClassName:
|
||||||
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
||||||
@@ -3169,7 +3228,7 @@ spec:
|
|||||||
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
||||||
type: string
|
type: string
|
||||||
schedulingGates:
|
schedulingGates:
|
||||||
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. More info: https://git.k8s.io/enhancements/keps/sig-scheduling/3521-pod-scheduling-readiness. \n This is an alpha-level feature enabled by PodSchedulingReadiness feature gate."
|
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. \n SchedulingGates can only be set at pod creation time, and be removed only afterwards. \n This is a beta feature enabled by the PodSchedulingReadiness feature gate."
|
||||||
items:
|
items:
|
||||||
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
||||||
properties:
|
properties:
|
||||||
@@ -3224,7 +3283,7 @@ spec:
|
|||||||
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -3264,7 +3323,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -3350,7 +3409,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
x-kubernetes-map-type: atomic
|
x-kubernetes-map-type: atomic
|
||||||
matchLabelKeys:
|
matchLabelKeys:
|
||||||
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
|
description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
@@ -3634,7 +3693,7 @@ spec:
|
|||||||
anyOf:
|
anyOf:
|
||||||
- type: integer
|
- type: integer
|
||||||
- type: string
|
- type: string
|
||||||
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
|
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
type: object
|
type: object
|
||||||
@@ -3712,7 +3771,7 @@ spec:
|
|||||||
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -3739,7 +3798,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
selector:
|
selector:
|
||||||
|
|||||||
@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
metadata:
|
metadata:
|
||||||
annotations:
|
annotations:
|
||||||
controller-gen.kubebuilder.io/version: v0.11.3
|
controller-gen.kubebuilder.io/version: v0.13.0
|
||||||
creationTimestamp: null
|
|
||||||
name: ephemeralrunnersets.actions.github.com
|
name: ephemeralrunnersets.actions.github.com
|
||||||
spec:
|
spec:
|
||||||
group: actions.github.com
|
group: actions.github.com
|
||||||
@@ -773,7 +772,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -838,7 +837,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -897,7 +896,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -921,7 +920,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1033,7 +1032,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1057,7 +1056,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1118,11 +1117,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1149,9 +1165,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -1214,7 +1233,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -1232,7 +1251,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -1256,7 +1275,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1280,7 +1299,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1603,7 +1622,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1668,7 +1687,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1727,7 +1746,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1751,7 +1770,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1863,7 +1882,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1887,7 +1906,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1948,11 +1967,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1979,9 +2015,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
||||||
properties:
|
properties:
|
||||||
@@ -2044,7 +2083,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2062,7 +2101,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2086,7 +2125,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2110,7 +2149,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2445,7 +2484,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2510,7 +2549,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2569,7 +2608,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2593,7 +2632,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2705,7 +2744,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2729,7 +2768,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2790,11 +2829,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -2821,9 +2877,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -2886,7 +2945,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2904,7 +2963,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2928,7 +2987,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2952,7 +3011,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3143,7 +3202,7 @@ spec:
|
|||||||
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
||||||
type: string
|
type: string
|
||||||
resourceClaimTemplateName:
|
resourceClaimTemplateName:
|
||||||
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be <pod name>-<resource name>, where <resource name> is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). \n An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
@@ -3154,7 +3213,7 @@ spec:
|
|||||||
- name
|
- name
|
||||||
x-kubernetes-list-type: map
|
x-kubernetes-list-type: map
|
||||||
restartPolicy:
|
restartPolicy:
|
||||||
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
||||||
type: string
|
type: string
|
||||||
runtimeClassName:
|
runtimeClassName:
|
||||||
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
||||||
@@ -3163,7 +3222,7 @@ spec:
|
|||||||
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
||||||
type: string
|
type: string
|
||||||
schedulingGates:
|
schedulingGates:
|
||||||
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. More info: https://git.k8s.io/enhancements/keps/sig-scheduling/3521-pod-scheduling-readiness. \n This is an alpha-level feature enabled by PodSchedulingReadiness feature gate."
|
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. \n SchedulingGates can only be set at pod creation time, and be removed only afterwards. \n This is a beta feature enabled by the PodSchedulingReadiness feature gate."
|
||||||
items:
|
items:
|
||||||
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
||||||
properties:
|
properties:
|
||||||
@@ -3218,7 +3277,7 @@ spec:
|
|||||||
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -3258,7 +3317,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -3344,7 +3403,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
x-kubernetes-map-type: atomic
|
x-kubernetes-map-type: atomic
|
||||||
matchLabelKeys:
|
matchLabelKeys:
|
||||||
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
|
description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
@@ -3628,7 +3687,7 @@ spec:
|
|||||||
anyOf:
|
anyOf:
|
||||||
- type: integer
|
- type: integer
|
||||||
- type: string
|
- type: string
|
||||||
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
|
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
type: object
|
type: object
|
||||||
@@ -3706,7 +3765,7 @@ spec:
|
|||||||
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -3733,7 +3792,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
selector:
|
selector:
|
||||||
|
|||||||
@@ -1,9 +1,9 @@
|
|||||||
|
---
|
||||||
apiVersion: apiextensions.k8s.io/v1
|
apiVersion: apiextensions.k8s.io/v1
|
||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
metadata:
|
metadata:
|
||||||
annotations:
|
annotations:
|
||||||
controller-gen.kubebuilder.io/version: v0.7.0
|
controller-gen.kubebuilder.io/version: v0.13.0
|
||||||
creationTimestamp: null
|
|
||||||
name: horizontalrunnerautoscalers.actions.summerwind.dev
|
name: horizontalrunnerautoscalers.actions.summerwind.dev
|
||||||
spec:
|
spec:
|
||||||
group: actions.summerwind.dev
|
group: actions.summerwind.dev
|
||||||
@@ -251,9 +251,3 @@ spec:
|
|||||||
subresources:
|
subresources:
|
||||||
status: {}
|
status: {}
|
||||||
preserveUnknownFields: false
|
preserveUnknownFields: false
|
||||||
status:
|
|
||||||
acceptedNames:
|
|
||||||
kind: ""
|
|
||||||
plural: ""
|
|
||||||
conditions: []
|
|
||||||
storedVersions: []
|
|
||||||
|
|||||||
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@@ -1,9 +1,9 @@
|
|||||||
|
---
|
||||||
apiVersion: apiextensions.k8s.io/v1
|
apiVersion: apiextensions.k8s.io/v1
|
||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
metadata:
|
metadata:
|
||||||
annotations:
|
annotations:
|
||||||
controller-gen.kubebuilder.io/version: v0.7.0
|
controller-gen.kubebuilder.io/version: v0.13.0
|
||||||
creationTimestamp: null
|
|
||||||
name: runnersets.actions.summerwind.dev
|
name: runnersets.actions.summerwind.dev
|
||||||
spec:
|
spec:
|
||||||
group: actions.summerwind.dev
|
group: actions.summerwind.dev
|
||||||
@@ -96,10 +96,10 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
ordinals:
|
ordinals:
|
||||||
description: ordinals controls the numbering of replica indices in a StatefulSet. The default ordinals behavior assigns a "0" index to the first replica and increments the index by one for each additional replica requested. Using the ordinals field requires the StatefulSetStartOrdinal feature gate to be enabled, which is alpha.
|
description: ordinals controls the numbering of replica indices in a StatefulSet. The default ordinals behavior assigns a "0" index to the first replica and increments the index by one for each additional replica requested. Using the ordinals field requires the StatefulSetStartOrdinal feature gate to be enabled, which is beta.
|
||||||
properties:
|
properties:
|
||||||
start:
|
start:
|
||||||
description: 'start is the number representing the first replica''s index. It may be used to number replicas from an alternate index (eg: 1-indexed) over the default 0-indexed names, or to orchestrate progressive movement of replicas from one StatefulSet to another. If set, replica indices will be in the range: [.spec.ordinals.start, .spec.ordinals.start + .spec.replicas). If unset, defaults to 0. Replica indices will be in the range: [0, .spec.replicas).'
|
description: 'start is the number representing the first replica''s index. It may be used to number replicas from an alternate index (eg: 1-indexed) over the default 0-indexed names, or to orchestrate progressive movement of replicas from one StatefulSet to another. If set, replica indices will be in the range: [.spec.ordinals.start, .spec.ordinals.start + .spec.replicas). If unset, defaults to 0. Replica indices will be in the range: [0, .spec.replicas).'
|
||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
@@ -160,13 +160,14 @@ spec:
|
|||||||
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
serviceAccountName:
|
serviceAccountName:
|
||||||
type: string
|
type: string
|
||||||
serviceName:
|
serviceName:
|
||||||
description: 'serviceName is the name of the service that governs this StatefulSet. This service must exist before the StatefulSet, and is responsible for the network identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local where "pod-specific-string" is managed by the StatefulSet controller.'
|
description: 'serviceName is the name of the service that governs this StatefulSet. This service must exist before the StatefulSet, and is responsible for the network identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local where "pod-specific-string" is managed by the StatefulSet controller.'
|
||||||
type: string
|
type: string
|
||||||
template:
|
template:
|
||||||
description: template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet. Each pod will be named with the format <statefulsetname>-<podindex>. For example, a pod in a StatefulSet named "web" with index number "3" would be named "web-3".
|
description: template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet. Each pod will be named with the format <statefulsetname>-<podindex>. For example, a pod in a StatefulSet named "web" with index number "3" would be named "web-3". The only allowed template.spec.restartPolicy value is "Always".
|
||||||
properties:
|
properties:
|
||||||
metadata:
|
metadata:
|
||||||
description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
|
description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
|
||||||
@@ -252,6 +253,7 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
weight:
|
weight:
|
||||||
description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
|
description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
|
||||||
format: int32
|
format: int32
|
||||||
@@ -312,10 +314,12 @@ spec:
|
|||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
type: array
|
type: array
|
||||||
required:
|
required:
|
||||||
- nodeSelectorTerms
|
- nodeSelectorTerms
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
type: object
|
type: object
|
||||||
podAffinity:
|
podAffinity:
|
||||||
description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
|
description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
|
||||||
@@ -358,6 +362,7 @@ spec:
|
|||||||
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
namespaceSelector:
|
namespaceSelector:
|
||||||
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
|
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
|
||||||
properties:
|
properties:
|
||||||
@@ -388,6 +393,7 @@ spec:
|
|||||||
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
namespaces:
|
namespaces:
|
||||||
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
|
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
|
||||||
items:
|
items:
|
||||||
@@ -443,6 +449,7 @@ spec:
|
|||||||
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
namespaceSelector:
|
namespaceSelector:
|
||||||
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
|
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
|
||||||
properties:
|
properties:
|
||||||
@@ -473,6 +480,7 @@ spec:
|
|||||||
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
namespaces:
|
namespaces:
|
||||||
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
|
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
|
||||||
items:
|
items:
|
||||||
@@ -527,6 +535,7 @@ spec:
|
|||||||
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
namespaceSelector:
|
namespaceSelector:
|
||||||
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
|
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
|
||||||
properties:
|
properties:
|
||||||
@@ -557,6 +566,7 @@ spec:
|
|||||||
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
namespaces:
|
namespaces:
|
||||||
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
|
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
|
||||||
items:
|
items:
|
||||||
@@ -612,6 +622,7 @@ spec:
|
|||||||
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
namespaceSelector:
|
namespaceSelector:
|
||||||
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
|
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
|
||||||
properties:
|
properties:
|
||||||
@@ -642,6 +653,7 @@ spec:
|
|||||||
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
namespaces:
|
namespaces:
|
||||||
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
|
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
|
||||||
items:
|
items:
|
||||||
@@ -703,6 +715,7 @@ spec:
|
|||||||
required:
|
required:
|
||||||
- key
|
- key
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
fieldRef:
|
fieldRef:
|
||||||
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
|
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
|
||||||
properties:
|
properties:
|
||||||
@@ -715,6 +728,7 @@ spec:
|
|||||||
required:
|
required:
|
||||||
- fieldPath
|
- fieldPath
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
resourceFieldRef:
|
resourceFieldRef:
|
||||||
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
|
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
|
||||||
properties:
|
properties:
|
||||||
@@ -734,6 +748,7 @@ spec:
|
|||||||
required:
|
required:
|
||||||
- resource
|
- resource
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
description: Selects a key of a secret in the pod's namespace
|
description: Selects a key of a secret in the pod's namespace
|
||||||
properties:
|
properties:
|
||||||
@@ -749,6 +764,7 @@ spec:
|
|||||||
required:
|
required:
|
||||||
- key
|
- key
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
@@ -769,6 +785,7 @@ spec:
|
|||||||
description: Specify whether the ConfigMap must be defined
|
description: Specify whether the ConfigMap must be defined
|
||||||
type: boolean
|
type: boolean
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
prefix:
|
prefix:
|
||||||
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
|
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
|
||||||
type: string
|
type: string
|
||||||
@@ -782,6 +799,7 @@ spec:
|
|||||||
description: Specify whether the Secret must be defined
|
description: Specify whether the Secret must be defined
|
||||||
type: boolean
|
type: boolean
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
image:
|
image:
|
||||||
@@ -817,7 +835,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -882,7 +900,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -941,7 +959,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -965,7 +983,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1077,7 +1095,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1101,7 +1119,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1162,11 +1180,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -1193,9 +1228,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -1258,7 +1296,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -1276,7 +1314,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -1300,7 +1338,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1324,7 +1362,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1527,6 +1565,7 @@ spec:
|
|||||||
required:
|
required:
|
||||||
- key
|
- key
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
fieldRef:
|
fieldRef:
|
||||||
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
|
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
|
||||||
properties:
|
properties:
|
||||||
@@ -1539,6 +1578,7 @@ spec:
|
|||||||
required:
|
required:
|
||||||
- fieldPath
|
- fieldPath
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
resourceFieldRef:
|
resourceFieldRef:
|
||||||
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
|
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
|
||||||
properties:
|
properties:
|
||||||
@@ -1558,6 +1598,7 @@ spec:
|
|||||||
required:
|
required:
|
||||||
- resource
|
- resource
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
description: Selects a key of a secret in the pod's namespace
|
description: Selects a key of a secret in the pod's namespace
|
||||||
properties:
|
properties:
|
||||||
@@ -1573,6 +1614,7 @@ spec:
|
|||||||
required:
|
required:
|
||||||
- key
|
- key
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
@@ -1593,6 +1635,7 @@ spec:
|
|||||||
description: Specify whether the ConfigMap must be defined
|
description: Specify whether the ConfigMap must be defined
|
||||||
type: boolean
|
type: boolean
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
prefix:
|
prefix:
|
||||||
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
|
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
|
||||||
type: string
|
type: string
|
||||||
@@ -1606,6 +1649,7 @@ spec:
|
|||||||
description: Specify whether the Secret must be defined
|
description: Specify whether the Secret must be defined
|
||||||
type: boolean
|
type: boolean
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
image:
|
image:
|
||||||
@@ -1641,7 +1685,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1706,7 +1750,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1765,7 +1809,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1789,7 +1833,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1901,7 +1945,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -1925,7 +1969,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -1986,11 +2030,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
description: Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -2017,9 +2078,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers.
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
description: 'Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.'
|
||||||
properties:
|
properties:
|
||||||
@@ -2082,7 +2146,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2100,7 +2164,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2124,7 +2188,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2148,7 +2212,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2317,6 +2381,7 @@ spec:
|
|||||||
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
type: array
|
type: array
|
||||||
initContainers:
|
initContainers:
|
||||||
description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/'
|
description: 'List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/'
|
||||||
@@ -2362,6 +2427,7 @@ spec:
|
|||||||
required:
|
required:
|
||||||
- key
|
- key
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
fieldRef:
|
fieldRef:
|
||||||
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
|
description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.'
|
||||||
properties:
|
properties:
|
||||||
@@ -2374,6 +2440,7 @@ spec:
|
|||||||
required:
|
required:
|
||||||
- fieldPath
|
- fieldPath
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
resourceFieldRef:
|
resourceFieldRef:
|
||||||
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
|
description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.'
|
||||||
properties:
|
properties:
|
||||||
@@ -2393,6 +2460,7 @@ spec:
|
|||||||
required:
|
required:
|
||||||
- resource
|
- resource
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
description: Selects a key of a secret in the pod's namespace
|
description: Selects a key of a secret in the pod's namespace
|
||||||
properties:
|
properties:
|
||||||
@@ -2408,6 +2476,7 @@ spec:
|
|||||||
required:
|
required:
|
||||||
- key
|
- key
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
@@ -2428,6 +2497,7 @@ spec:
|
|||||||
description: Specify whether the ConfigMap must be defined
|
description: Specify whether the ConfigMap must be defined
|
||||||
type: boolean
|
type: boolean
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
prefix:
|
prefix:
|
||||||
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
|
description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
|
||||||
type: string
|
type: string
|
||||||
@@ -2441,6 +2511,7 @@ spec:
|
|||||||
description: Specify whether the Secret must be defined
|
description: Specify whether the Secret must be defined
|
||||||
type: boolean
|
type: boolean
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
image:
|
image:
|
||||||
@@ -2476,7 +2547,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2541,7 +2612,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2600,7 +2671,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2624,7 +2695,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2736,7 +2807,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2760,7 +2831,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -2821,11 +2892,28 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
type: object
|
type: object
|
||||||
|
resizePolicy:
|
||||||
|
description: Resources resize policy for the container.
|
||||||
|
items:
|
||||||
|
description: ContainerResizePolicy represents resource resize policy for the container.
|
||||||
|
properties:
|
||||||
|
resourceName:
|
||||||
|
description: 'Name of the resource to which this resource resize policy applies. Supported values: cpu, memory.'
|
||||||
|
type: string
|
||||||
|
restartPolicy:
|
||||||
|
description: Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired.
|
||||||
|
type: string
|
||||||
|
required:
|
||||||
|
- resourceName
|
||||||
|
- restartPolicy
|
||||||
|
type: object
|
||||||
|
type: array
|
||||||
|
x-kubernetes-list-type: atomic
|
||||||
resources:
|
resources:
|
||||||
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -2852,9 +2940,12 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
restartPolicy:
|
||||||
|
description: 'RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is "Always". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod''s restart policy and the container type. Setting the RestartPolicy as "Always" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" will be shut down. This lifecycle differs from normal init containers and is often referred to as a "sidecar" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.'
|
||||||
|
type: string
|
||||||
securityContext:
|
securityContext:
|
||||||
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
description: 'SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
||||||
properties:
|
properties:
|
||||||
@@ -2917,7 +3008,7 @@ spec:
|
|||||||
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -2935,7 +3026,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -2959,7 +3050,7 @@ spec:
|
|||||||
format: int32
|
format: int32
|
||||||
type: integer
|
type: integer
|
||||||
grpc:
|
grpc:
|
||||||
description: GRPC specifies an action involving a GRPC port. This is a beta field and requires enabling GRPCContainerProbe feature gate.
|
description: GRPC specifies an action involving a GRPC port.
|
||||||
properties:
|
properties:
|
||||||
port:
|
port:
|
||||||
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
description: Port number of the gRPC service. Number must be in the range 1 to 65535.
|
||||||
@@ -2983,7 +3074,7 @@ spec:
|
|||||||
description: HTTPHeader describes a custom header to be used in HTTP probes
|
description: HTTPHeader describes a custom header to be used in HTTP probes
|
||||||
properties:
|
properties:
|
||||||
name:
|
name:
|
||||||
description: The header field name
|
description: The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.
|
||||||
type: string
|
type: string
|
||||||
value:
|
value:
|
||||||
description: The header field value
|
description: The header field value
|
||||||
@@ -3174,7 +3265,7 @@ spec:
|
|||||||
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
description: ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
|
||||||
type: string
|
type: string
|
||||||
resourceClaimTemplateName:
|
resourceClaimTemplateName:
|
||||||
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be <pod name>-<resource name>, where <resource name> is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). \n An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. \n The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. \n This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim."
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
@@ -3185,7 +3276,7 @@ spec:
|
|||||||
- name
|
- name
|
||||||
x-kubernetes-list-type: map
|
x-kubernetes-list-type: map
|
||||||
restartPolicy:
|
restartPolicy:
|
||||||
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
description: 'Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy'
|
||||||
type: string
|
type: string
|
||||||
runtimeClassName:
|
runtimeClassName:
|
||||||
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
description: 'RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class'
|
||||||
@@ -3194,7 +3285,7 @@ spec:
|
|||||||
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
description: If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.
|
||||||
type: string
|
type: string
|
||||||
schedulingGates:
|
schedulingGates:
|
||||||
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. More info: https://git.k8s.io/enhancements/keps/sig-scheduling/3521-pod-scheduling-readiness. \n This is an alpha-level feature enabled by PodSchedulingReadiness feature gate."
|
description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod. \n SchedulingGates can only be set at pod creation time, and be removed only afterwards. \n This is a beta feature enabled by the PodSchedulingReadiness feature gate."
|
||||||
items:
|
items:
|
||||||
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
description: PodSchedulingGate is associated to a Pod to guard its scheduling.
|
||||||
properties:
|
properties:
|
||||||
@@ -3249,7 +3340,7 @@ spec:
|
|||||||
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
description: The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.
|
||||||
properties:
|
properties:
|
||||||
localhostProfile:
|
localhostProfile:
|
||||||
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost".
|
description: localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.
|
||||||
type: string
|
type: string
|
||||||
type:
|
type:
|
||||||
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied."
|
||||||
@@ -3289,7 +3380,7 @@ spec:
|
|||||||
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
description: GMSACredentialSpecName is the name of the GMSA credential spec to use.
|
||||||
type: string
|
type: string
|
||||||
hostProcess:
|
hostProcess:
|
||||||
description: HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
description: HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
|
||||||
type: boolean
|
type: boolean
|
||||||
runAsUserName:
|
runAsUserName:
|
||||||
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
description: The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
||||||
@@ -3373,8 +3464,9 @@ spec:
|
|||||||
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
matchLabelKeys:
|
matchLabelKeys:
|
||||||
description: MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.
|
description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)."
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
@@ -3397,7 +3489,7 @@ spec:
|
|||||||
description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
|
description: TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field.
|
||||||
type: string
|
type: string
|
||||||
whenUnsatisfiable:
|
whenUnsatisfiable:
|
||||||
description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
|
description: 'WhenUnsatisfiable indicates how to deal with a pod if it doesn''t satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won''t make it *more* imbalanced. It''s a required field.'
|
||||||
type: string
|
type: string
|
||||||
required:
|
required:
|
||||||
- maxSkew
|
- maxSkew
|
||||||
@@ -3498,6 +3590,7 @@ spec:
|
|||||||
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
user:
|
user:
|
||||||
description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
|
description: 'user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
|
||||||
type: string
|
type: string
|
||||||
@@ -3520,6 +3613,7 @@ spec:
|
|||||||
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
volumeID:
|
volumeID:
|
||||||
description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
|
description: 'volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
|
||||||
type: string
|
type: string
|
||||||
@@ -3560,6 +3654,7 @@ spec:
|
|||||||
description: optional specify whether the ConfigMap or its keys must be defined
|
description: optional specify whether the ConfigMap or its keys must be defined
|
||||||
type: boolean
|
type: boolean
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
csi:
|
csi:
|
||||||
description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).
|
description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).
|
||||||
properties:
|
properties:
|
||||||
@@ -3576,6 +3671,7 @@ spec:
|
|||||||
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
readOnly:
|
readOnly:
|
||||||
description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).
|
description: readOnly specifies a read-only configuration for the volume. Defaults to false (read/write).
|
||||||
type: boolean
|
type: boolean
|
||||||
@@ -3611,6 +3707,7 @@ spec:
|
|||||||
required:
|
required:
|
||||||
- fieldPath
|
- fieldPath
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
mode:
|
mode:
|
||||||
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
||||||
format: int32
|
format: int32
|
||||||
@@ -3637,6 +3734,7 @@ spec:
|
|||||||
required:
|
required:
|
||||||
- resource
|
- resource
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
required:
|
required:
|
||||||
- path
|
- path
|
||||||
type: object
|
type: object
|
||||||
@@ -3652,12 +3750,12 @@ spec:
|
|||||||
anyOf:
|
anyOf:
|
||||||
- type: integer
|
- type: integer
|
||||||
- type: string
|
- type: string
|
||||||
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
|
description: 'sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
type: object
|
type: object
|
||||||
ephemeral:
|
ephemeral:
|
||||||
description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time."
|
description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time."
|
||||||
properties:
|
properties:
|
||||||
volumeClaimTemplate:
|
volumeClaimTemplate:
|
||||||
description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
|
description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `<pod name>-<volume name>` where `<volume name>` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil."
|
||||||
@@ -3706,8 +3804,9 @@ spec:
|
|||||||
- kind
|
- kind
|
||||||
- name
|
- name
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
dataSourceRef:
|
dataSourceRef:
|
||||||
description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
|
description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
|
||||||
properties:
|
properties:
|
||||||
apiGroup:
|
apiGroup:
|
||||||
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
|
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
|
||||||
@@ -3729,7 +3828,7 @@ spec:
|
|||||||
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -3756,7 +3855,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
selector:
|
selector:
|
||||||
@@ -3789,6 +3888,7 @@ spec:
|
|||||||
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
storageClassName:
|
storageClassName:
|
||||||
description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
|
description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
|
||||||
type: string
|
type: string
|
||||||
@@ -3851,6 +3951,7 @@ spec:
|
|||||||
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
required:
|
required:
|
||||||
- driver
|
- driver
|
||||||
type: object
|
type: object
|
||||||
@@ -3966,6 +4067,7 @@ spec:
|
|||||||
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
targetPortal:
|
targetPortal:
|
||||||
description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
|
description: targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
|
||||||
type: string
|
type: string
|
||||||
@@ -4074,6 +4176,7 @@ spec:
|
|||||||
description: optional specify whether the ConfigMap or its keys must be defined
|
description: optional specify whether the ConfigMap or its keys must be defined
|
||||||
type: boolean
|
type: boolean
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
downwardAPI:
|
downwardAPI:
|
||||||
description: downwardAPI information about the downwardAPI data to project
|
description: downwardAPI information about the downwardAPI data to project
|
||||||
properties:
|
properties:
|
||||||
@@ -4094,6 +4197,7 @@ spec:
|
|||||||
required:
|
required:
|
||||||
- fieldPath
|
- fieldPath
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
mode:
|
mode:
|
||||||
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
description: 'Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
||||||
format: int32
|
format: int32
|
||||||
@@ -4120,6 +4224,7 @@ spec:
|
|||||||
required:
|
required:
|
||||||
- resource
|
- resource
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
required:
|
required:
|
||||||
- path
|
- path
|
||||||
type: object
|
type: object
|
||||||
@@ -4155,6 +4260,7 @@ spec:
|
|||||||
description: optional field specify whether the Secret or its key must be defined
|
description: optional field specify whether the Secret or its key must be defined
|
||||||
type: boolean
|
type: boolean
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
serviceAccountToken:
|
serviceAccountToken:
|
||||||
description: serviceAccountToken is information about the serviceAccountToken data to project
|
description: serviceAccountToken is information about the serviceAccountToken data to project
|
||||||
properties:
|
properties:
|
||||||
@@ -4229,6 +4335,7 @@ spec:
|
|||||||
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
user:
|
user:
|
||||||
description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
|
description: 'user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
|
||||||
type: string
|
type: string
|
||||||
@@ -4258,6 +4365,7 @@ spec:
|
|||||||
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
sslEnabled:
|
sslEnabled:
|
||||||
description: sslEnabled Flag enable/disable SSL communication with Gateway, default false
|
description: sslEnabled Flag enable/disable SSL communication with Gateway, default false
|
||||||
type: boolean
|
type: boolean
|
||||||
@@ -4328,6 +4436,7 @@ spec:
|
|||||||
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
||||||
type: string
|
type: string
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
volumeName:
|
volumeName:
|
||||||
description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.
|
description: volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace.
|
||||||
type: string
|
type: string
|
||||||
@@ -4437,8 +4546,9 @@ spec:
|
|||||||
- kind
|
- kind
|
||||||
- name
|
- name
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
dataSourceRef:
|
dataSourceRef:
|
||||||
description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
|
description: 'dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn''t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn''t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.'
|
||||||
properties:
|
properties:
|
||||||
apiGroup:
|
apiGroup:
|
||||||
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
|
description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
|
||||||
@@ -4460,7 +4570,7 @@ spec:
|
|||||||
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
description: 'resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -4487,7 +4597,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
selector:
|
selector:
|
||||||
@@ -4520,6 +4630,7 @@ spec:
|
|||||||
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
|
x-kubernetes-map-type: atomic
|
||||||
storageClassName:
|
storageClassName:
|
||||||
description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
|
description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
|
||||||
type: string
|
type: string
|
||||||
@@ -4538,6 +4649,13 @@ spec:
|
|||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
type: array
|
type: array
|
||||||
|
allocatedResourceStatuses:
|
||||||
|
additionalProperties:
|
||||||
|
description: When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource that it does not recognizes, then it should ignore that update and let other controllers handle it.
|
||||||
|
type: string
|
||||||
|
description: "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n ClaimResourceStatus can be in any of following states: - ControllerResizeInProgress: State set when resize controller starts resizing the volume in control-plane. - ControllerResizeFailed: State set when resize has failed in resize controller with a terminal error. - NodeResizePending: State set when resize controller has finished resizing the volume but further resizing of volume is needed on the node. - NodeResizeInProgress: State set when kubelet starts resizing the volume. - NodeResizeFailed: State set when resizing has failed in kubelet with a terminal error. Transient errors don't set NodeResizeFailed. For example: if expanding a PVC for more capacity - this field can be one of the following states: - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\" - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\" When this field is not set, it means that no resize operation is in progress for the given PVC. \n A controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature."
|
||||||
|
type: object
|
||||||
|
x-kubernetes-map-type: granular
|
||||||
allocatedResources:
|
allocatedResources:
|
||||||
additionalProperties:
|
additionalProperties:
|
||||||
anyOf:
|
anyOf:
|
||||||
@@ -4545,7 +4663,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.
|
description: "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either: * Un-prefixed keys: - storage - the capacity of the volume. * Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\" Apart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used. \n Capacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. \n A controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC. \n This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature."
|
||||||
type: object
|
type: object
|
||||||
capacity:
|
capacity:
|
||||||
additionalProperties:
|
additionalProperties:
|
||||||
@@ -4559,7 +4677,7 @@ spec:
|
|||||||
conditions:
|
conditions:
|
||||||
description: conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.
|
description: conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.
|
||||||
items:
|
items:
|
||||||
description: PersistentVolumeClaimCondition contails details about state of pvc
|
description: PersistentVolumeClaimCondition contains details about state of pvc
|
||||||
properties:
|
properties:
|
||||||
lastProbeTime:
|
lastProbeTime:
|
||||||
description: lastProbeTime is the time we probed the condition.
|
description: lastProbeTime is the time we probed the condition.
|
||||||
@@ -4588,9 +4706,6 @@ spec:
|
|||||||
phase:
|
phase:
|
||||||
description: phase represents the current phase of PersistentVolumeClaim.
|
description: phase represents the current phase of PersistentVolumeClaim.
|
||||||
type: string
|
type: string
|
||||||
resizeStatus:
|
|
||||||
description: resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.
|
|
||||||
type: string
|
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
type: array
|
type: array
|
||||||
@@ -4614,7 +4729,7 @@ spec:
|
|||||||
description: ResourceRequirements describes the compute resource requirements.
|
description: ResourceRequirements describes the compute resource requirements.
|
||||||
properties:
|
properties:
|
||||||
claims:
|
claims:
|
||||||
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable."
|
description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers."
|
||||||
items:
|
items:
|
||||||
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
|
||||||
properties:
|
properties:
|
||||||
@@ -4641,7 +4756,7 @@ spec:
|
|||||||
- type: string
|
- type: string
|
||||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||||
x-kubernetes-int-or-string: true
|
x-kubernetes-int-or-string: true
|
||||||
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
||||||
type: object
|
type: object
|
||||||
type: object
|
type: object
|
||||||
storageClassName:
|
storageClassName:
|
||||||
@@ -4680,9 +4795,3 @@ spec:
|
|||||||
subresources:
|
subresources:
|
||||||
status: {}
|
status: {}
|
||||||
preserveUnknownFields: false
|
preserveUnknownFields: false
|
||||||
status:
|
|
||||||
acceptedNames:
|
|
||||||
kind: ""
|
|
||||||
plural: ""
|
|
||||||
conditions: []
|
|
||||||
storedVersions: []
|
|
||||||
|
|||||||
@@ -1,9 +1,7 @@
|
|||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
metadata:
|
metadata:
|
||||||
creationTimestamp: null
|
|
||||||
name: manager-role
|
name: manager-role
|
||||||
rules:
|
rules:
|
||||||
- apiGroups:
|
- apiGroups:
|
||||||
|
|||||||
@@ -1,9 +1,7 @@
|
|||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: admissionregistration.k8s.io/v1
|
apiVersion: admissionregistration.k8s.io/v1
|
||||||
kind: MutatingWebhookConfiguration
|
kind: MutatingWebhookConfiguration
|
||||||
metadata:
|
metadata:
|
||||||
creationTimestamp: null
|
|
||||||
name: mutating-webhook-configuration
|
name: mutating-webhook-configuration
|
||||||
webhooks:
|
webhooks:
|
||||||
- admissionReviewVersions:
|
- admissionReviewVersions:
|
||||||
@@ -85,12 +83,10 @@ webhooks:
|
|||||||
resources:
|
resources:
|
||||||
- pods
|
- pods
|
||||||
sideEffects: None
|
sideEffects: None
|
||||||
|
|
||||||
---
|
---
|
||||||
apiVersion: admissionregistration.k8s.io/v1
|
apiVersion: admissionregistration.k8s.io/v1
|
||||||
kind: ValidatingWebhookConfiguration
|
kind: ValidatingWebhookConfiguration
|
||||||
metadata:
|
metadata:
|
||||||
creationTimestamp: null
|
|
||||||
name: validating-webhook-configuration
|
name: validating-webhook-configuration
|
||||||
webhooks:
|
webhooks:
|
||||||
- admissionReviewVersions:
|
- admissionReviewVersions:
|
||||||
|
|||||||
@@ -30,7 +30,6 @@ import (
|
|||||||
"sigs.k8s.io/controller-runtime/pkg/handler"
|
"sigs.k8s.io/controller-runtime/pkg/handler"
|
||||||
"sigs.k8s.io/controller-runtime/pkg/predicate"
|
"sigs.k8s.io/controller-runtime/pkg/predicate"
|
||||||
"sigs.k8s.io/controller-runtime/pkg/reconcile"
|
"sigs.k8s.io/controller-runtime/pkg/reconcile"
|
||||||
"sigs.k8s.io/controller-runtime/pkg/source"
|
|
||||||
|
|
||||||
v1alpha1 "github.com/actions/actions-runner-controller/apis/actions.github.com/v1alpha1"
|
v1alpha1 "github.com/actions/actions-runner-controller/apis/actions.github.com/v1alpha1"
|
||||||
"github.com/actions/actions-runner-controller/controllers/actions.github.com/metrics"
|
"github.com/actions/actions-runner-controller/controllers/actions.github.com/metrics"
|
||||||
@@ -287,6 +286,21 @@ func (r *AutoscalingListenerReconciler) cleanupResources(ctx context.Context, au
|
|||||||
}
|
}
|
||||||
logger.Info("Listener pod is deleted")
|
logger.Info("Listener pod is deleted")
|
||||||
|
|
||||||
|
var secret corev1.Secret
|
||||||
|
err = r.Get(ctx, types.NamespacedName{Namespace: autoscalingListener.Namespace, Name: scaleSetListenerConfigName(autoscalingListener)}, &secret)
|
||||||
|
switch {
|
||||||
|
case err == nil:
|
||||||
|
if secret.ObjectMeta.DeletionTimestamp.IsZero() {
|
||||||
|
logger.Info("Deleting the listener config secret")
|
||||||
|
if err := r.Delete(ctx, &secret); err != nil {
|
||||||
|
return false, fmt.Errorf("failed to delete listener config secret: %v", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false, nil
|
||||||
|
case err != nil && !kerrors.IsNotFound(err):
|
||||||
|
return false, fmt.Errorf("failed to get listener config secret: %v", err)
|
||||||
|
}
|
||||||
|
|
||||||
if autoscalingListener.Spec.Proxy != nil {
|
if autoscalingListener.Spec.Proxy != nil {
|
||||||
logger.Info("Cleaning up the listener proxy secret")
|
logger.Info("Cleaning up the listener proxy secret")
|
||||||
proxySecret := new(corev1.Secret)
|
proxySecret := new(corev1.Secret)
|
||||||
@@ -306,6 +320,38 @@ func (r *AutoscalingListenerReconciler) cleanupResources(ctx context.Context, au
|
|||||||
logger.Info("Listener proxy secret is deleted")
|
logger.Info("Listener proxy secret is deleted")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
listenerRoleBinding := new(rbacv1.RoleBinding)
|
||||||
|
err = r.Get(ctx, types.NamespacedName{Namespace: autoscalingListener.Spec.AutoscalingRunnerSetNamespace, Name: scaleSetListenerRoleName(autoscalingListener)}, listenerRoleBinding)
|
||||||
|
switch {
|
||||||
|
case err == nil:
|
||||||
|
if listenerRoleBinding.ObjectMeta.DeletionTimestamp.IsZero() {
|
||||||
|
logger.Info("Deleting the listener role binding")
|
||||||
|
if err := r.Delete(ctx, listenerRoleBinding); err != nil {
|
||||||
|
return false, fmt.Errorf("failed to delete listener role binding: %v", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false, nil
|
||||||
|
case err != nil && !kerrors.IsNotFound(err):
|
||||||
|
return false, fmt.Errorf("failed to get listener role binding: %v", err)
|
||||||
|
}
|
||||||
|
logger.Info("Listener role binding is deleted")
|
||||||
|
|
||||||
|
listenerRole := new(rbacv1.Role)
|
||||||
|
err = r.Get(ctx, types.NamespacedName{Namespace: autoscalingListener.Spec.AutoscalingRunnerSetNamespace, Name: scaleSetListenerRoleName(autoscalingListener)}, listenerRole)
|
||||||
|
switch {
|
||||||
|
case err == nil:
|
||||||
|
if listenerRole.ObjectMeta.DeletionTimestamp.IsZero() {
|
||||||
|
logger.Info("Deleting the listener role")
|
||||||
|
if err := r.Delete(ctx, listenerRole); err != nil {
|
||||||
|
return false, fmt.Errorf("failed to delete listener role: %v", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false, nil
|
||||||
|
case err != nil && !kerrors.IsNotFound(err):
|
||||||
|
return false, fmt.Errorf("failed to get listener role: %v", err)
|
||||||
|
}
|
||||||
|
logger.Info("Listener role is deleted")
|
||||||
|
|
||||||
logger.Info("Cleaning up the listener service account")
|
logger.Info("Cleaning up the listener service account")
|
||||||
listenerSa := new(corev1.ServiceAccount)
|
listenerSa := new(corev1.ServiceAccount)
|
||||||
err = r.Get(ctx, types.NamespacedName{Name: scaleSetListenerServiceAccountName(autoscalingListener), Namespace: autoscalingListener.Namespace}, listenerSa)
|
err = r.Get(ctx, types.NamespacedName{Name: scaleSetListenerServiceAccountName(autoscalingListener), Namespace: autoscalingListener.Namespace}, listenerSa)
|
||||||
@@ -386,13 +432,13 @@ func (r *AutoscalingListenerReconciler) createListenerPod(ctx context.Context, a
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
cert := ""
|
||||||
if autoscalingListener.Spec.GitHubServerTLS != nil {
|
if autoscalingListener.Spec.GitHubServerTLS != nil {
|
||||||
env, err := r.certificateEnvVarForListener(ctx, autoscalingRunnerSet, autoscalingListener)
|
var err error
|
||||||
|
cert, err = r.certificate(ctx, autoscalingRunnerSet, autoscalingListener)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return ctrl.Result{}, fmt.Errorf("failed to create certificate env var for listener: %v", err)
|
return ctrl.Result{}, fmt.Errorf("failed to create certificate env var for listener: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
envs = append(envs, env)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
var metricsConfig *listenerMetricsServerConfig
|
var metricsConfig *listenerMetricsServerConfig
|
||||||
@@ -403,7 +449,35 @@ func (r *AutoscalingListenerReconciler) createListenerPod(ctx context.Context, a
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
newPod, err := r.resourceBuilder.newScaleSetListenerPod(autoscalingListener, serviceAccount, secret, metricsConfig, envs...)
|
var podConfig corev1.Secret
|
||||||
|
if err := r.Get(ctx, types.NamespacedName{Namespace: autoscalingListener.Namespace, Name: scaleSetListenerConfigName(autoscalingListener)}, &podConfig); err != nil {
|
||||||
|
if !kerrors.IsNotFound(err) {
|
||||||
|
logger.Error(err, "Unable to get listener config secret", "namespace", autoscalingListener.Namespace, "name", scaleSetListenerConfigName(autoscalingListener))
|
||||||
|
return ctrl.Result{Requeue: true}, err
|
||||||
|
}
|
||||||
|
|
||||||
|
logger.Info("Creating listener config secret")
|
||||||
|
|
||||||
|
podConfig, err := r.resourceBuilder.newScaleSetListenerConfig(autoscalingListener, secret, metricsConfig, cert)
|
||||||
|
if err != nil {
|
||||||
|
logger.Error(err, "Failed to build listener config secret")
|
||||||
|
return ctrl.Result{}, err
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := ctrl.SetControllerReference(autoscalingListener, podConfig, r.Scheme); err != nil {
|
||||||
|
logger.Error(err, "Failed to set controller reference")
|
||||||
|
return ctrl.Result{}, err
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := r.Create(ctx, podConfig); err != nil {
|
||||||
|
logger.Error(err, "Unable to create listener config secret", "namespace", podConfig.Namespace, "name", podConfig.Name)
|
||||||
|
return ctrl.Result{}, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return ctrl.Result{Requeue: true}, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
newPod, err := r.resourceBuilder.newScaleSetListenerPod(autoscalingListener, &podConfig, serviceAccount, secret, metricsConfig, envs...)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger.Error(err, "Failed to build listener pod")
|
logger.Error(err, "Failed to build listener pod")
|
||||||
return ctrl.Result{}, err
|
return ctrl.Result{}, err
|
||||||
@@ -424,13 +498,13 @@ func (r *AutoscalingListenerReconciler) createListenerPod(ctx context.Context, a
|
|||||||
return ctrl.Result{}, nil
|
return ctrl.Result{}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (r *AutoscalingListenerReconciler) certificateEnvVarForListener(ctx context.Context, autoscalingRunnerSet *v1alpha1.AutoscalingRunnerSet, autoscalingListener *v1alpha1.AutoscalingListener) (corev1.EnvVar, error) {
|
func (r *AutoscalingListenerReconciler) certificate(ctx context.Context, autoscalingRunnerSet *v1alpha1.AutoscalingRunnerSet, autoscalingListener *v1alpha1.AutoscalingListener) (string, error) {
|
||||||
if autoscalingListener.Spec.GitHubServerTLS.CertificateFrom == nil {
|
if autoscalingListener.Spec.GitHubServerTLS.CertificateFrom == nil {
|
||||||
return corev1.EnvVar{}, fmt.Errorf("githubServerTLS.certificateFrom is not specified")
|
return "", fmt.Errorf("githubServerTLS.certificateFrom is not specified")
|
||||||
}
|
}
|
||||||
|
|
||||||
if autoscalingListener.Spec.GitHubServerTLS.CertificateFrom.ConfigMapKeyRef == nil {
|
if autoscalingListener.Spec.GitHubServerTLS.CertificateFrom.ConfigMapKeyRef == nil {
|
||||||
return corev1.EnvVar{}, fmt.Errorf("githubServerTLS.certificateFrom.configMapKeyRef is not specified")
|
return "", fmt.Errorf("githubServerTLS.certificateFrom.configMapKeyRef is not specified")
|
||||||
}
|
}
|
||||||
|
|
||||||
var configmap corev1.ConfigMap
|
var configmap corev1.ConfigMap
|
||||||
@@ -443,7 +517,7 @@ func (r *AutoscalingListenerReconciler) certificateEnvVarForListener(ctx context
|
|||||||
&configmap,
|
&configmap,
|
||||||
)
|
)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return corev1.EnvVar{}, fmt.Errorf(
|
return "", fmt.Errorf(
|
||||||
"failed to get configmap %s: %w",
|
"failed to get configmap %s: %w",
|
||||||
autoscalingListener.Spec.GitHubServerTLS.CertificateFrom.ConfigMapKeyRef.Name,
|
autoscalingListener.Spec.GitHubServerTLS.CertificateFrom.ConfigMapKeyRef.Name,
|
||||||
err,
|
err,
|
||||||
@@ -452,17 +526,14 @@ func (r *AutoscalingListenerReconciler) certificateEnvVarForListener(ctx context
|
|||||||
|
|
||||||
certificate, ok := configmap.Data[autoscalingListener.Spec.GitHubServerTLS.CertificateFrom.ConfigMapKeyRef.Key]
|
certificate, ok := configmap.Data[autoscalingListener.Spec.GitHubServerTLS.CertificateFrom.ConfigMapKeyRef.Key]
|
||||||
if !ok {
|
if !ok {
|
||||||
return corev1.EnvVar{}, fmt.Errorf(
|
return "", fmt.Errorf(
|
||||||
"key %s is not found in configmap %s",
|
"key %s is not found in configmap %s",
|
||||||
autoscalingListener.Spec.GitHubServerTLS.CertificateFrom.ConfigMapKeyRef.Key,
|
autoscalingListener.Spec.GitHubServerTLS.CertificateFrom.ConfigMapKeyRef.Key,
|
||||||
autoscalingListener.Spec.GitHubServerTLS.CertificateFrom.ConfigMapKeyRef.Name,
|
autoscalingListener.Spec.GitHubServerTLS.CertificateFrom.ConfigMapKeyRef.Name,
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
return corev1.EnvVar{
|
return certificate, nil
|
||||||
Name: "GITHUB_SERVER_ROOT_CA",
|
|
||||||
Value: certificate,
|
|
||||||
}, nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (r *AutoscalingListenerReconciler) createSecretsForListener(ctx context.Context, autoscalingListener *v1alpha1.AutoscalingListener, secret *corev1.Secret, logger logr.Logger) (ctrl.Result, error) {
|
func (r *AutoscalingListenerReconciler) createSecretsForListener(ctx context.Context, autoscalingListener *v1alpha1.AutoscalingListener, secret *corev1.Secret, logger logr.Logger) (ctrl.Result, error) {
|
||||||
@@ -643,7 +714,7 @@ func (r *AutoscalingListenerReconciler) SetupWithManager(mgr ctrl.Manager) error
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
labelBasedWatchFunc := func(obj client.Object) []reconcile.Request {
|
labelBasedWatchFunc := func(_ context.Context, obj client.Object) []reconcile.Request {
|
||||||
var requests []reconcile.Request
|
var requests []reconcile.Request
|
||||||
labels := obj.GetLabels()
|
labels := obj.GetLabels()
|
||||||
namespace, ok := labels["auto-scaling-listener-namespace"]
|
namespace, ok := labels["auto-scaling-listener-namespace"]
|
||||||
@@ -670,8 +741,8 @@ func (r *AutoscalingListenerReconciler) SetupWithManager(mgr ctrl.Manager) error
|
|||||||
For(&v1alpha1.AutoscalingListener{}).
|
For(&v1alpha1.AutoscalingListener{}).
|
||||||
Owns(&corev1.Pod{}).
|
Owns(&corev1.Pod{}).
|
||||||
Owns(&corev1.ServiceAccount{}).
|
Owns(&corev1.ServiceAccount{}).
|
||||||
Watches(&source.Kind{Type: &rbacv1.Role{}}, handler.EnqueueRequestsFromMapFunc(labelBasedWatchFunc)).
|
Watches(&rbacv1.Role{}, handler.EnqueueRequestsFromMapFunc(labelBasedWatchFunc)).
|
||||||
Watches(&source.Kind{Type: &rbacv1.RoleBinding{}}, handler.EnqueueRequestsFromMapFunc(labelBasedWatchFunc)).
|
Watches(&rbacv1.RoleBinding{}, handler.EnqueueRequestsFromMapFunc(labelBasedWatchFunc)).
|
||||||
WithEventFilter(predicate.ResourceVersionChangedPredicate{}).
|
WithEventFilter(predicate.ResourceVersionChangedPredicate{}).
|
||||||
Complete(r)
|
Complete(r)
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -2,6 +2,7 @@ package actionsgithubcom
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
"os"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
@@ -13,6 +14,7 @@ import (
|
|||||||
"sigs.k8s.io/controller-runtime/pkg/client"
|
"sigs.k8s.io/controller-runtime/pkg/client"
|
||||||
logf "sigs.k8s.io/controller-runtime/pkg/log"
|
logf "sigs.k8s.io/controller-runtime/pkg/log"
|
||||||
|
|
||||||
|
listenerconfig "github.com/actions/actions-runner-controller/cmd/githubrunnerscalesetlistener/config"
|
||||||
. "github.com/onsi/ginkgo/v2"
|
. "github.com/onsi/ginkgo/v2"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
kerrors "k8s.io/apimachinery/pkg/api/errors"
|
kerrors "k8s.io/apimachinery/pkg/api/errors"
|
||||||
@@ -103,6 +105,19 @@ var _ = Describe("Test AutoScalingListener controller", func() {
|
|||||||
|
|
||||||
Context("When creating a new AutoScalingListener", func() {
|
Context("When creating a new AutoScalingListener", func() {
|
||||||
It("It should create/add all required resources for a new AutoScalingListener (finalizer, secret, service account, role, rolebinding, pod)", func() {
|
It("It should create/add all required resources for a new AutoScalingListener (finalizer, secret, service account, role, rolebinding, pod)", func() {
|
||||||
|
config := new(corev1.Secret)
|
||||||
|
Eventually(
|
||||||
|
func() error {
|
||||||
|
err := k8sClient.Get(ctx, client.ObjectKey{Name: scaleSetListenerConfigName(autoscalingListener), Namespace: configSecret.Namespace}, config)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
},
|
||||||
|
autoscalingListenerTestTimeout,
|
||||||
|
autoscalingListenerTestInterval,
|
||||||
|
).Should(Succeed(), "Config secret should be created")
|
||||||
|
|
||||||
// Check if finalizer is added
|
// Check if finalizer is added
|
||||||
created := new(actionsv1alpha1.AutoscalingListener)
|
created := new(actionsv1alpha1.AutoscalingListener)
|
||||||
Eventually(
|
Eventually(
|
||||||
@@ -203,7 +218,8 @@ var _ = Describe("Test AutoScalingListener controller", func() {
|
|||||||
return pod.Name, nil
|
return pod.Name, nil
|
||||||
},
|
},
|
||||||
autoscalingListenerTestTimeout,
|
autoscalingListenerTestTimeout,
|
||||||
autoscalingListenerTestInterval).Should(BeEquivalentTo(autoscalingListener.Name), "Pod should be created")
|
autoscalingListenerTestInterval,
|
||||||
|
).Should(BeEquivalentTo(autoscalingListener.Name), "Pod should be created")
|
||||||
|
|
||||||
// Delete the AutoScalingListener
|
// Delete the AutoScalingListener
|
||||||
err := k8sClient.Delete(ctx, autoscalingListener)
|
err := k8sClient.Delete(ctx, autoscalingListener)
|
||||||
@@ -225,7 +241,41 @@ var _ = Describe("Test AutoScalingListener controller", func() {
|
|||||||
return nil
|
return nil
|
||||||
},
|
},
|
||||||
autoscalingListenerTestTimeout,
|
autoscalingListenerTestTimeout,
|
||||||
autoscalingListenerTestInterval).ShouldNot(Succeed(), "failed to delete pod")
|
autoscalingListenerTestInterval,
|
||||||
|
).ShouldNot(Succeed(), "failed to delete pod")
|
||||||
|
|
||||||
|
// Cleanup the listener role binding
|
||||||
|
Eventually(
|
||||||
|
func() bool {
|
||||||
|
roleBinding := new(rbacv1.RoleBinding)
|
||||||
|
err := k8sClient.Get(ctx, client.ObjectKey{Name: scaleSetListenerRoleName(autoscalingListener), Namespace: autoscalingListener.Spec.AutoscalingRunnerSetNamespace}, roleBinding)
|
||||||
|
return kerrors.IsNotFound(err)
|
||||||
|
},
|
||||||
|
autoscalingListenerTestTimeout,
|
||||||
|
autoscalingListenerTestInterval,
|
||||||
|
).Should(BeTrue(), "failed to delete role binding")
|
||||||
|
|
||||||
|
// Cleanup the listener role
|
||||||
|
Eventually(
|
||||||
|
func() bool {
|
||||||
|
role := new(rbacv1.Role)
|
||||||
|
err := k8sClient.Get(ctx, client.ObjectKey{Name: scaleSetListenerRoleName(autoscalingListener), Namespace: autoscalingListener.Spec.AutoscalingRunnerSetNamespace}, role)
|
||||||
|
return kerrors.IsNotFound(err)
|
||||||
|
},
|
||||||
|
autoscalingListenerTestTimeout,
|
||||||
|
autoscalingListenerTestInterval,
|
||||||
|
).Should(BeTrue(), "failed to delete role")
|
||||||
|
|
||||||
|
// Cleanup the listener config
|
||||||
|
Eventually(
|
||||||
|
func() bool {
|
||||||
|
config := new(corev1.Secret)
|
||||||
|
err := k8sClient.Get(ctx, client.ObjectKey{Name: scaleSetListenerConfigName(autoscalingListener), Namespace: autoscalingListener.Namespace}, config)
|
||||||
|
return kerrors.IsNotFound(err)
|
||||||
|
},
|
||||||
|
autoscalingListenerTestTimeout,
|
||||||
|
autoscalingListenerTestInterval,
|
||||||
|
).Should(BeTrue(), "failed to delete config secret")
|
||||||
|
|
||||||
// Cleanup the listener service account
|
// Cleanup the listener service account
|
||||||
Eventually(
|
Eventually(
|
||||||
@@ -477,6 +527,17 @@ var _ = Describe("Test AutoScalingListener customization", func() {
|
|||||||
autoscalingListenerTestTimeout,
|
autoscalingListenerTestTimeout,
|
||||||
autoscalingListenerTestInterval).Should(BeEquivalentTo(autoscalingListenerFinalizerName), "AutoScalingListener should have a finalizer")
|
autoscalingListenerTestInterval).Should(BeEquivalentTo(autoscalingListenerFinalizerName), "AutoScalingListener should have a finalizer")
|
||||||
|
|
||||||
|
// Check if config is created
|
||||||
|
config := new(corev1.Secret)
|
||||||
|
Eventually(
|
||||||
|
func() error {
|
||||||
|
err := k8sClient.Get(ctx, client.ObjectKey{Name: scaleSetListenerConfigName(autoscalingListener), Namespace: autoscalingListener.Namespace}, config)
|
||||||
|
return err
|
||||||
|
},
|
||||||
|
autoscalingListenerTestTimeout,
|
||||||
|
autoscalingListenerTestInterval,
|
||||||
|
).Should(Succeed(), "Config secret should be created")
|
||||||
|
|
||||||
// Check if pod is created
|
// Check if pod is created
|
||||||
pod := new(corev1.Pod)
|
pod := new(corev1.Pod)
|
||||||
Eventually(
|
Eventually(
|
||||||
@@ -701,6 +762,155 @@ var _ = Describe("Test AutoScalingListener controller with proxy", func() {
|
|||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
|
||||||
|
var _ = Describe("Test AutoScalingListener controller with template modification", func() {
|
||||||
|
var ctx context.Context
|
||||||
|
var mgr ctrl.Manager
|
||||||
|
var autoscalingNS *corev1.Namespace
|
||||||
|
var autoscalingRunnerSet *actionsv1alpha1.AutoscalingRunnerSet
|
||||||
|
var configSecret *corev1.Secret
|
||||||
|
var autoscalingListener *actionsv1alpha1.AutoscalingListener
|
||||||
|
|
||||||
|
createRunnerSetAndListener := func(listenerTemplate *corev1.PodTemplateSpec) {
|
||||||
|
min := 1
|
||||||
|
max := 10
|
||||||
|
autoscalingRunnerSet = &actionsv1alpha1.AutoscalingRunnerSet{
|
||||||
|
ObjectMeta: metav1.ObjectMeta{
|
||||||
|
Name: "test-asrs",
|
||||||
|
Namespace: autoscalingNS.Name,
|
||||||
|
},
|
||||||
|
Spec: actionsv1alpha1.AutoscalingRunnerSetSpec{
|
||||||
|
GitHubConfigUrl: "https://github.com/owner/repo",
|
||||||
|
GitHubConfigSecret: configSecret.Name,
|
||||||
|
MaxRunners: &max,
|
||||||
|
MinRunners: &min,
|
||||||
|
Template: corev1.PodTemplateSpec{
|
||||||
|
Spec: corev1.PodSpec{
|
||||||
|
Containers: []corev1.Container{
|
||||||
|
{
|
||||||
|
Name: "runner",
|
||||||
|
Image: "ghcr.io/actions/runner",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
ListenerTemplate: listenerTemplate,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
err := k8sClient.Create(ctx, autoscalingRunnerSet)
|
||||||
|
Expect(err).NotTo(HaveOccurred(), "failed to create AutoScalingRunnerSet")
|
||||||
|
|
||||||
|
autoscalingListener = &actionsv1alpha1.AutoscalingListener{
|
||||||
|
ObjectMeta: metav1.ObjectMeta{
|
||||||
|
Name: "test-asl",
|
||||||
|
Namespace: autoscalingNS.Name,
|
||||||
|
},
|
||||||
|
Spec: actionsv1alpha1.AutoscalingListenerSpec{
|
||||||
|
GitHubConfigUrl: "https://github.com/owner/repo",
|
||||||
|
GitHubConfigSecret: configSecret.Name,
|
||||||
|
RunnerScaleSetId: 1,
|
||||||
|
AutoscalingRunnerSetNamespace: autoscalingRunnerSet.Namespace,
|
||||||
|
AutoscalingRunnerSetName: autoscalingRunnerSet.Name,
|
||||||
|
EphemeralRunnerSetName: "test-ers",
|
||||||
|
MaxRunners: 10,
|
||||||
|
MinRunners: 1,
|
||||||
|
Image: "ghcr.io/owner/repo",
|
||||||
|
Template: listenerTemplate,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
err = k8sClient.Create(ctx, autoscalingListener)
|
||||||
|
Expect(err).NotTo(HaveOccurred(), "failed to create AutoScalingListener")
|
||||||
|
}
|
||||||
|
|
||||||
|
BeforeEach(func() {
|
||||||
|
ctx = context.Background()
|
||||||
|
autoscalingNS, mgr = createNamespace(GinkgoT(), k8sClient)
|
||||||
|
configSecret = createDefaultSecret(GinkgoT(), k8sClient, autoscalingNS.Name)
|
||||||
|
|
||||||
|
controller := &AutoscalingListenerReconciler{
|
||||||
|
Client: mgr.GetClient(),
|
||||||
|
Scheme: mgr.GetScheme(),
|
||||||
|
Log: logf.Log,
|
||||||
|
}
|
||||||
|
err := controller.SetupWithManager(mgr)
|
||||||
|
Expect(err).NotTo(HaveOccurred(), "failed to setup controller")
|
||||||
|
|
||||||
|
startManagers(GinkgoT(), mgr)
|
||||||
|
})
|
||||||
|
|
||||||
|
It("Should create listener pod with modified spec", func() {
|
||||||
|
runAsUser1001 := int64(1001)
|
||||||
|
runAsUser1000 := int64(1000)
|
||||||
|
tmpl := &corev1.PodTemplateSpec{
|
||||||
|
ObjectMeta: metav1.ObjectMeta{
|
||||||
|
Annotations: map[string]string{
|
||||||
|
"test-annotation-key": "test-annotation-value",
|
||||||
|
},
|
||||||
|
Labels: map[string]string{
|
||||||
|
"test-label-key": "test-label-value",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Spec: corev1.PodSpec{
|
||||||
|
Containers: []corev1.Container{
|
||||||
|
{
|
||||||
|
Name: "listener",
|
||||||
|
ImagePullPolicy: corev1.PullAlways,
|
||||||
|
SecurityContext: &corev1.SecurityContext{
|
||||||
|
RunAsUser: &runAsUser1001,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Name: "sidecar",
|
||||||
|
ImagePullPolicy: corev1.PullIfNotPresent,
|
||||||
|
Image: "busybox",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
SecurityContext: &corev1.PodSecurityContext{
|
||||||
|
RunAsUser: &runAsUser1000,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
createRunnerSetAndListener(tmpl)
|
||||||
|
|
||||||
|
// wait for listener pod to be created
|
||||||
|
Eventually(
|
||||||
|
func(g Gomega) {
|
||||||
|
pod := new(corev1.Pod)
|
||||||
|
err := k8sClient.Get(
|
||||||
|
ctx,
|
||||||
|
client.ObjectKey{Name: autoscalingListener.Name, Namespace: autoscalingListener.Namespace},
|
||||||
|
pod,
|
||||||
|
)
|
||||||
|
g.Expect(err).NotTo(HaveOccurred(), "failed to get pod")
|
||||||
|
|
||||||
|
g.Expect(pod.ObjectMeta.Annotations).To(HaveKeyWithValue("test-annotation-key", "test-annotation-value"), "pod annotations should be copied from runner set template")
|
||||||
|
g.Expect(pod.ObjectMeta.Labels).To(HaveKeyWithValue("test-label-key", "test-label-value"), "pod labels should be copied from runner set template")
|
||||||
|
|
||||||
|
},
|
||||||
|
autoscalingListenerTestTimeout,
|
||||||
|
autoscalingListenerTestInterval).Should(Succeed(), "failed to create listener pod with proxy details")
|
||||||
|
|
||||||
|
// Delete the AutoScalingListener
|
||||||
|
err := k8sClient.Delete(ctx, autoscalingListener)
|
||||||
|
Expect(err).NotTo(HaveOccurred(), "failed to delete test AutoScalingListener")
|
||||||
|
|
||||||
|
Eventually(
|
||||||
|
func(g Gomega) {
|
||||||
|
var proxySecret corev1.Secret
|
||||||
|
err := k8sClient.Get(
|
||||||
|
ctx,
|
||||||
|
types.NamespacedName{Name: proxyListenerSecretName(autoscalingListener), Namespace: autoscalingNS.Name},
|
||||||
|
&proxySecret,
|
||||||
|
)
|
||||||
|
g.Expect(kerrors.IsNotFound(err)).To(BeTrue())
|
||||||
|
},
|
||||||
|
autoscalingListenerTestTimeout,
|
||||||
|
autoscalingListenerTestInterval).Should(Succeed(), "failed to delete secret with proxy details")
|
||||||
|
})
|
||||||
|
})
|
||||||
|
|
||||||
var _ = Describe("Test GitHub Server TLS configuration", func() {
|
var _ = Describe("Test GitHub Server TLS configuration", func() {
|
||||||
var ctx context.Context
|
var ctx context.Context
|
||||||
var mgr ctrl.Manager
|
var mgr ctrl.Manager
|
||||||
@@ -816,31 +1026,26 @@ var _ = Describe("Test GitHub Server TLS configuration", func() {
|
|||||||
})
|
})
|
||||||
|
|
||||||
Context("When creating a new AutoScalingListener", func() {
|
Context("When creating a new AutoScalingListener", func() {
|
||||||
It("It should set the certificates as an environment variable on the pod", func() {
|
It("It should set the certificates in the config of the pod", func() {
|
||||||
pod := new(corev1.Pod)
|
config := new(corev1.Secret)
|
||||||
Eventually(
|
Eventually(
|
||||||
func(g Gomega) {
|
func(g Gomega) {
|
||||||
err := k8sClient.Get(
|
err := k8sClient.Get(
|
||||||
ctx,
|
ctx,
|
||||||
client.ObjectKey{
|
client.ObjectKey{
|
||||||
Name: autoscalingListener.Name,
|
Name: scaleSetListenerConfigName(autoscalingListener),
|
||||||
Namespace: autoscalingListener.Namespace,
|
Namespace: autoscalingListener.Namespace,
|
||||||
},
|
},
|
||||||
pod,
|
config,
|
||||||
)
|
)
|
||||||
|
|
||||||
g.Expect(err).NotTo(HaveOccurred(), "failed to get pod")
|
g.Expect(err).NotTo(HaveOccurred(), "failed to get pod")
|
||||||
g.Expect(pod.Spec.Containers).NotTo(BeEmpty(), "pod should have containers")
|
|
||||||
g.Expect(pod.Spec.Containers[0].Env).NotTo(BeEmpty(), "pod should have env variables")
|
|
||||||
|
|
||||||
var env *corev1.EnvVar
|
g.Expect(config.Data["config.json"]).ToNot(BeEmpty(), "listener configuration file should not be empty")
|
||||||
for _, e := range pod.Spec.Containers[0].Env {
|
|
||||||
if e.Name == "GITHUB_SERVER_ROOT_CA" {
|
var listenerConfig listenerconfig.Config
|
||||||
env = &e
|
err = json.Unmarshal(config.Data["config.json"], &listenerConfig)
|
||||||
break
|
g.Expect(err).NotTo(HaveOccurred(), "failed to parse listener configuration file")
|
||||||
}
|
|
||||||
}
|
|
||||||
g.Expect(env).NotTo(BeNil(), "pod should have an env variable named GITHUB_SERVER_ROOT_CA_PATH")
|
|
||||||
|
|
||||||
cert, err := os.ReadFile(filepath.Join(
|
cert, err := os.ReadFile(filepath.Join(
|
||||||
"../../",
|
"../../",
|
||||||
@@ -851,7 +1056,7 @@ var _ = Describe("Test GitHub Server TLS configuration", func() {
|
|||||||
))
|
))
|
||||||
g.Expect(err).NotTo(HaveOccurred(), "failed to read rootCA.crt")
|
g.Expect(err).NotTo(HaveOccurred(), "failed to read rootCA.crt")
|
||||||
|
|
||||||
g.Expect(env.Value).To(
|
g.Expect(listenerConfig.ServerRootCA).To(
|
||||||
BeEquivalentTo(string(cert)),
|
BeEquivalentTo(string(cert)),
|
||||||
"GITHUB_SERVER_ROOT_CA should be the rootCA.crt",
|
"GITHUB_SERVER_ROOT_CA should be the rootCA.crt",
|
||||||
)
|
)
|
||||||
|
|||||||
@@ -39,7 +39,6 @@ import (
|
|||||||
"sigs.k8s.io/controller-runtime/pkg/handler"
|
"sigs.k8s.io/controller-runtime/pkg/handler"
|
||||||
"sigs.k8s.io/controller-runtime/pkg/predicate"
|
"sigs.k8s.io/controller-runtime/pkg/predicate"
|
||||||
"sigs.k8s.io/controller-runtime/pkg/reconcile"
|
"sigs.k8s.io/controller-runtime/pkg/reconcile"
|
||||||
"sigs.k8s.io/controller-runtime/pkg/source"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@@ -774,8 +773,8 @@ func (r *AutoscalingRunnerSetReconciler) SetupWithManager(mgr ctrl.Manager) erro
|
|||||||
return ctrl.NewControllerManagedBy(mgr).
|
return ctrl.NewControllerManagedBy(mgr).
|
||||||
For(&v1alpha1.AutoscalingRunnerSet{}).
|
For(&v1alpha1.AutoscalingRunnerSet{}).
|
||||||
Owns(&v1alpha1.EphemeralRunnerSet{}).
|
Owns(&v1alpha1.EphemeralRunnerSet{}).
|
||||||
Watches(&source.Kind{Type: &v1alpha1.AutoscalingListener{}}, handler.EnqueueRequestsFromMapFunc(
|
Watches(&v1alpha1.AutoscalingListener{}, handler.EnqueueRequestsFromMapFunc(
|
||||||
func(o client.Object) []reconcile.Request {
|
func(_ context.Context, o client.Object) []reconcile.Request {
|
||||||
autoscalingListener := o.(*v1alpha1.AutoscalingListener)
|
autoscalingListener := o.(*v1alpha1.AutoscalingListener)
|
||||||
return []reconcile.Request{
|
return []reconcile.Request{
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -2,7 +2,6 @@ package actionsgithubcom
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/actions/actions-runner-controller/logging"
|
"github.com/actions/actions-runner-controller/logging"
|
||||||
corev1 "k8s.io/api/core/v1"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@@ -59,10 +58,6 @@ const (
|
|||||||
AnnotationKeyNoPermissionServiceAccountName = "actions.github.com/cleanup-no-permission-service-account-name"
|
AnnotationKeyNoPermissionServiceAccountName = "actions.github.com/cleanup-no-permission-service-account-name"
|
||||||
)
|
)
|
||||||
|
|
||||||
// DefaultScaleSetListenerImagePullPolicy is the default pull policy applied
|
|
||||||
// to the listener when ImagePullPolicy is not specified
|
|
||||||
const DefaultScaleSetListenerImagePullPolicy = corev1.PullIfNotPresent
|
|
||||||
|
|
||||||
// DefaultScaleSetListenerLogLevel is the default log level applied
|
// DefaultScaleSetListenerLogLevel is the default log level applied
|
||||||
const DefaultScaleSetListenerLogLevel = string(logging.LogLevelDebug)
|
const DefaultScaleSetListenerLogLevel = string(logging.LogLevelDebug)
|
||||||
|
|
||||||
|
|||||||
@@ -191,7 +191,8 @@ func (r *EphemeralRunnerReconciler) Reconcile(ctx context.Context, req ctrl.Requ
|
|||||||
|
|
||||||
case len(ephemeralRunner.Status.Failures) > 5:
|
case len(ephemeralRunner.Status.Failures) > 5:
|
||||||
log.Info("EphemeralRunner has failed more than 5 times. Marking it as failed")
|
log.Info("EphemeralRunner has failed more than 5 times. Marking it as failed")
|
||||||
if err := r.markAsFailed(ctx, ephemeralRunner, log); err != nil {
|
errMessage := fmt.Sprintf("Pod has failed to start more than 5 times: %s", pod.Status.Message)
|
||||||
|
if err := r.markAsFailed(ctx, ephemeralRunner, errMessage, log); err != nil {
|
||||||
log.Error(err, "Failed to set ephemeral runner to phase Failed")
|
log.Error(err, "Failed to set ephemeral runner to phase Failed")
|
||||||
return ctrl.Result{}, err
|
return ctrl.Result{}, err
|
||||||
}
|
}
|
||||||
@@ -423,12 +424,12 @@ func (r *EphemeralRunnerReconciler) cleanupRunnerLinkedSecrets(ctx context.Conte
|
|||||||
return false, multierr.Combine(errs...)
|
return false, multierr.Combine(errs...)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (r *EphemeralRunnerReconciler) markAsFailed(ctx context.Context, ephemeralRunner *v1alpha1.EphemeralRunner, log logr.Logger) error {
|
func (r *EphemeralRunnerReconciler) markAsFailed(ctx context.Context, ephemeralRunner *v1alpha1.EphemeralRunner, errMessage string, log logr.Logger) error {
|
||||||
log.Info("Updating ephemeral runner status to Failed")
|
log.Info("Updating ephemeral runner status to Failed")
|
||||||
if err := patchSubResource(ctx, r.Status(), ephemeralRunner, func(obj *v1alpha1.EphemeralRunner) {
|
if err := patchSubResource(ctx, r.Status(), ephemeralRunner, func(obj *v1alpha1.EphemeralRunner) {
|
||||||
obj.Status.Phase = corev1.PodFailed
|
obj.Status.Phase = corev1.PodFailed
|
||||||
obj.Status.Reason = "TooManyPodFailures"
|
obj.Status.Reason = "TooManyPodFailures"
|
||||||
obj.Status.Message = "Pod has failed to start more than 5 times"
|
obj.Status.Message = errMessage
|
||||||
}); err != nil {
|
}); err != nil {
|
||||||
return fmt.Errorf("failed to update ephemeral runner status Phase/Message: %v", err)
|
return fmt.Errorf("failed to update ephemeral runner status Phase/Message: %v", err)
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -9,6 +9,7 @@ import (
|
|||||||
corev1 "k8s.io/api/core/v1"
|
corev1 "k8s.io/api/core/v1"
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
ctrl "sigs.k8s.io/controller-runtime"
|
ctrl "sigs.k8s.io/controller-runtime"
|
||||||
|
"sigs.k8s.io/controller-runtime/pkg/cache"
|
||||||
"sigs.k8s.io/controller-runtime/pkg/client"
|
"sigs.k8s.io/controller-runtime/pkg/client"
|
||||||
"sigs.k8s.io/controller-runtime/pkg/manager"
|
"sigs.k8s.io/controller-runtime/pkg/manager"
|
||||||
)
|
)
|
||||||
@@ -45,8 +46,11 @@ func createNamespace(t ginkgo.GinkgoTInterface, client client.Client) (*corev1.N
|
|||||||
})
|
})
|
||||||
|
|
||||||
mgr, err := ctrl.NewManager(cfg, ctrl.Options{
|
mgr, err := ctrl.NewManager(cfg, ctrl.Options{
|
||||||
Namespace: ns.Name,
|
Cache: cache.Options{
|
||||||
MetricsBindAddress: "0",
|
DefaultNamespaces: map[string]cache.Config{
|
||||||
|
ns.Name: {},
|
||||||
|
},
|
||||||
|
},
|
||||||
})
|
})
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
|
||||||
|
|||||||
@@ -1,7 +1,9 @@
|
|||||||
package actionsgithubcom
|
package actionsgithubcom
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"bytes"
|
||||||
"context"
|
"context"
|
||||||
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
"math"
|
"math"
|
||||||
"net"
|
"net"
|
||||||
@@ -9,6 +11,7 @@ import (
|
|||||||
|
|
||||||
"github.com/actions/actions-runner-controller/apis/actions.github.com/v1alpha1"
|
"github.com/actions/actions-runner-controller/apis/actions.github.com/v1alpha1"
|
||||||
"github.com/actions/actions-runner-controller/build"
|
"github.com/actions/actions-runner-controller/build"
|
||||||
|
listenerconfig "github.com/actions/actions-runner-controller/cmd/githubrunnerscalesetlistener/config"
|
||||||
"github.com/actions/actions-runner-controller/github/actions"
|
"github.com/actions/actions-runner-controller/github/actions"
|
||||||
"github.com/actions/actions-runner-controller/hash"
|
"github.com/actions/actions-runner-controller/hash"
|
||||||
"github.com/actions/actions-runner-controller/logging"
|
"github.com/actions/actions-runner-controller/logging"
|
||||||
@@ -33,38 +36,11 @@ var commonLabelKeys = [...]string{
|
|||||||
LabelKeyGitHubRepository,
|
LabelKeyGitHubRepository,
|
||||||
}
|
}
|
||||||
|
|
||||||
var reservedListenerContainerEnvKeys = map[string]struct{}{
|
|
||||||
"GITHUB_CONFIGURE_URL": {},
|
|
||||||
"GITHUB_EPHEMERAL_RUNNER_SET_NAMESPACE": {},
|
|
||||||
"GITHUB_EPHEMERAL_RUNNER_SET_NAME": {},
|
|
||||||
"GITHUB_MAX_RUNNERS": {},
|
|
||||||
"GITHUB_MIN_RUNNERS": {},
|
|
||||||
"GITHUB_RUNNER_SCALE_SET_ID": {},
|
|
||||||
"GITHUB_RUNNER_LOG_LEVEL": {},
|
|
||||||
"GITHUB_RUNNER_LOG_FORMAT": {},
|
|
||||||
"GITHUB_TOKEN": {},
|
|
||||||
"GITHUB_APP_ID": {},
|
|
||||||
"GITHUB_APP_INSTALLATION_ID": {},
|
|
||||||
"GITHUB_APP_PRIVATE_KEY": {},
|
|
||||||
}
|
|
||||||
|
|
||||||
const labelValueKubernetesPartOf = "gha-runner-scale-set"
|
const labelValueKubernetesPartOf = "gha-runner-scale-set"
|
||||||
|
|
||||||
var scaleSetListenerLogLevel = DefaultScaleSetListenerLogLevel
|
var scaleSetListenerLogLevel = DefaultScaleSetListenerLogLevel
|
||||||
var scaleSetListenerLogFormat = DefaultScaleSetListenerLogFormat
|
var scaleSetListenerLogFormat = DefaultScaleSetListenerLogFormat
|
||||||
|
|
||||||
var scaleSetListenerImagePullPolicy = DefaultScaleSetListenerImagePullPolicy
|
|
||||||
|
|
||||||
func SetListenerImagePullPolicy(pullPolicy string) bool {
|
|
||||||
switch p := corev1.PullPolicy(pullPolicy); p {
|
|
||||||
case corev1.PullAlways, corev1.PullIfNotPresent, corev1.PullNever:
|
|
||||||
scaleSetListenerImagePullPolicy = p
|
|
||||||
return true
|
|
||||||
default:
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func SetListenerLoggingParameters(level string, format string) bool {
|
func SetListenerLoggingParameters(level string, format string) bool {
|
||||||
switch level {
|
switch level {
|
||||||
case logging.LogLevelDebug, logging.LogLevelInfo, logging.LogLevelWarn, logging.LogLevelError:
|
case logging.LogLevelDebug, logging.LogLevelInfo, logging.LogLevelWarn, logging.LogLevelError:
|
||||||
@@ -144,147 +120,131 @@ type listenerMetricsServerConfig struct {
|
|||||||
endpoint string
|
endpoint string
|
||||||
}
|
}
|
||||||
|
|
||||||
func (b *resourceBuilder) newScaleSetListenerPod(autoscalingListener *v1alpha1.AutoscalingListener, serviceAccount *corev1.ServiceAccount, secret *corev1.Secret, metricsConfig *listenerMetricsServerConfig, envs ...corev1.EnvVar) (*corev1.Pod, error) {
|
func (lm *listenerMetricsServerConfig) containerPort() (corev1.ContainerPort, error) {
|
||||||
|
_, portStr, err := net.SplitHostPort(lm.addr)
|
||||||
|
if err != nil {
|
||||||
|
return corev1.ContainerPort{}, err
|
||||||
|
}
|
||||||
|
port, err := strconv.ParseInt(portStr, 10, 32)
|
||||||
|
if err != nil {
|
||||||
|
return corev1.ContainerPort{}, err
|
||||||
|
}
|
||||||
|
return corev1.ContainerPort{
|
||||||
|
ContainerPort: int32(port),
|
||||||
|
Protocol: corev1.ProtocolTCP,
|
||||||
|
Name: "metrics",
|
||||||
|
}, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (b *resourceBuilder) newScaleSetListenerConfig(autoscalingListener *v1alpha1.AutoscalingListener, secret *corev1.Secret, metricsConfig *listenerMetricsServerConfig, cert string) (*corev1.Secret, error) {
|
||||||
|
var (
|
||||||
|
metricsAddr = ""
|
||||||
|
metricsEndpoint = ""
|
||||||
|
)
|
||||||
|
if metricsConfig != nil {
|
||||||
|
metricsAddr = metricsConfig.addr
|
||||||
|
metricsEndpoint = metricsConfig.endpoint
|
||||||
|
}
|
||||||
|
|
||||||
|
var appID int64
|
||||||
|
if id, ok := secret.Data["github_app_id"]; ok {
|
||||||
|
var err error
|
||||||
|
appID, err = strconv.ParseInt(string(id), 10, 64)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("failed to convert github_app_id to int: %v", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
var appInstallationID int64
|
||||||
|
if id, ok := secret.Data["github_app_installation_id"]; ok {
|
||||||
|
var err error
|
||||||
|
appInstallationID, err = strconv.ParseInt(string(id), 10, 64)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("failed to convert github_app_installation_id to int: %v", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
config := listenerconfig.Config{
|
||||||
|
ConfigureUrl: autoscalingListener.Spec.GitHubConfigUrl,
|
||||||
|
AppID: appID,
|
||||||
|
AppInstallationID: appInstallationID,
|
||||||
|
AppPrivateKey: string(secret.Data["github_app_private_key"]),
|
||||||
|
Token: string(secret.Data["github_token"]),
|
||||||
|
EphemeralRunnerSetNamespace: autoscalingListener.Spec.AutoscalingRunnerSetNamespace,
|
||||||
|
EphemeralRunnerSetName: autoscalingListener.Spec.EphemeralRunnerSetName,
|
||||||
|
MaxRunners: autoscalingListener.Spec.MaxRunners,
|
||||||
|
MinRunners: autoscalingListener.Spec.MinRunners,
|
||||||
|
RunnerScaleSetId: autoscalingListener.Spec.RunnerScaleSetId,
|
||||||
|
RunnerScaleSetName: autoscalingListener.Spec.AutoscalingRunnerSetName,
|
||||||
|
ServerRootCA: cert,
|
||||||
|
LogLevel: scaleSetListenerLogLevel,
|
||||||
|
LogFormat: scaleSetListenerLogFormat,
|
||||||
|
MetricsAddr: metricsAddr,
|
||||||
|
MetricsEndpoint: metricsEndpoint,
|
||||||
|
}
|
||||||
|
|
||||||
|
var buf bytes.Buffer
|
||||||
|
if err := json.NewEncoder(&buf).Encode(config); err != nil {
|
||||||
|
return nil, fmt.Errorf("failed to encode config: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
return &corev1.Secret{
|
||||||
|
ObjectMeta: metav1.ObjectMeta{
|
||||||
|
Name: scaleSetListenerConfigName(autoscalingListener),
|
||||||
|
Namespace: autoscalingListener.Namespace,
|
||||||
|
},
|
||||||
|
Data: map[string][]byte{
|
||||||
|
"config.json": buf.Bytes(),
|
||||||
|
},
|
||||||
|
}, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (b *resourceBuilder) newScaleSetListenerPod(autoscalingListener *v1alpha1.AutoscalingListener, podConfig *corev1.Secret, serviceAccount *corev1.ServiceAccount, secret *corev1.Secret, metricsConfig *listenerMetricsServerConfig, envs ...corev1.EnvVar) (*corev1.Pod, error) {
|
||||||
listenerEnv := []corev1.EnvVar{
|
listenerEnv := []corev1.EnvVar{
|
||||||
{
|
{
|
||||||
Name: "GITHUB_CONFIGURE_URL",
|
Name: "LISTENER_CONFIG_PATH",
|
||||||
Value: autoscalingListener.Spec.GitHubConfigUrl,
|
Value: "/etc/gha-listener/config.json",
|
||||||
},
|
|
||||||
{
|
|
||||||
Name: "GITHUB_EPHEMERAL_RUNNER_SET_NAMESPACE",
|
|
||||||
Value: autoscalingListener.Spec.AutoscalingRunnerSetNamespace,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
Name: "GITHUB_EPHEMERAL_RUNNER_SET_NAME",
|
|
||||||
Value: autoscalingListener.Spec.EphemeralRunnerSetName,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
Name: "GITHUB_MAX_RUNNERS",
|
|
||||||
Value: strconv.Itoa(autoscalingListener.Spec.MaxRunners),
|
|
||||||
},
|
|
||||||
{
|
|
||||||
Name: "GITHUB_MIN_RUNNERS",
|
|
||||||
Value: strconv.Itoa(autoscalingListener.Spec.MinRunners),
|
|
||||||
},
|
|
||||||
{
|
|
||||||
Name: "GITHUB_RUNNER_SCALE_SET_ID",
|
|
||||||
Value: strconv.Itoa(autoscalingListener.Spec.RunnerScaleSetId),
|
|
||||||
},
|
|
||||||
{
|
|
||||||
Name: "GITHUB_RUNNER_SCALE_SET_NAME",
|
|
||||||
Value: autoscalingListener.Spec.AutoscalingRunnerSetName,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
Name: "GITHUB_RUNNER_LOG_LEVEL",
|
|
||||||
Value: scaleSetListenerLogLevel,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
Name: "GITHUB_RUNNER_LOG_FORMAT",
|
|
||||||
Value: scaleSetListenerLogFormat,
|
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
listenerEnv = append(listenerEnv, envs...)
|
listenerEnv = append(listenerEnv, envs...)
|
||||||
|
|
||||||
if _, ok := secret.Data["github_token"]; ok {
|
|
||||||
listenerEnv = append(listenerEnv, corev1.EnvVar{
|
|
||||||
Name: "GITHUB_TOKEN",
|
|
||||||
ValueFrom: &corev1.EnvVarSource{
|
|
||||||
SecretKeyRef: &corev1.SecretKeySelector{
|
|
||||||
LocalObjectReference: corev1.LocalObjectReference{
|
|
||||||
Name: secret.Name,
|
|
||||||
},
|
|
||||||
Key: "github_token",
|
|
||||||
},
|
|
||||||
},
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
if _, ok := secret.Data["github_app_id"]; ok {
|
|
||||||
listenerEnv = append(listenerEnv, corev1.EnvVar{
|
|
||||||
Name: "GITHUB_APP_ID",
|
|
||||||
ValueFrom: &corev1.EnvVarSource{
|
|
||||||
SecretKeyRef: &corev1.SecretKeySelector{
|
|
||||||
LocalObjectReference: corev1.LocalObjectReference{
|
|
||||||
Name: secret.Name,
|
|
||||||
},
|
|
||||||
Key: "github_app_id",
|
|
||||||
},
|
|
||||||
},
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
if _, ok := secret.Data["github_app_installation_id"]; ok {
|
|
||||||
listenerEnv = append(listenerEnv, corev1.EnvVar{
|
|
||||||
Name: "GITHUB_APP_INSTALLATION_ID",
|
|
||||||
ValueFrom: &corev1.EnvVarSource{
|
|
||||||
SecretKeyRef: &corev1.SecretKeySelector{
|
|
||||||
LocalObjectReference: corev1.LocalObjectReference{
|
|
||||||
Name: secret.Name,
|
|
||||||
},
|
|
||||||
Key: "github_app_installation_id",
|
|
||||||
},
|
|
||||||
},
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
if _, ok := secret.Data["github_app_private_key"]; ok {
|
|
||||||
listenerEnv = append(listenerEnv, corev1.EnvVar{
|
|
||||||
Name: "GITHUB_APP_PRIVATE_KEY",
|
|
||||||
ValueFrom: &corev1.EnvVarSource{
|
|
||||||
SecretKeyRef: &corev1.SecretKeySelector{
|
|
||||||
LocalObjectReference: corev1.LocalObjectReference{
|
|
||||||
Name: secret.Name,
|
|
||||||
},
|
|
||||||
Key: "github_app_private_key",
|
|
||||||
},
|
|
||||||
},
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
var ports []corev1.ContainerPort
|
var ports []corev1.ContainerPort
|
||||||
if metricsConfig != nil && len(metricsConfig.addr) != 0 {
|
if metricsConfig != nil && len(metricsConfig.addr) != 0 {
|
||||||
listenerEnv = append(
|
port, err := metricsConfig.containerPort()
|
||||||
listenerEnv,
|
|
||||||
corev1.EnvVar{
|
|
||||||
Name: "GITHUB_METRICS_ADDR",
|
|
||||||
Value: metricsConfig.addr,
|
|
||||||
},
|
|
||||||
corev1.EnvVar{
|
|
||||||
Name: "GITHUB_METRICS_ENDPOINT",
|
|
||||||
Value: metricsConfig.endpoint,
|
|
||||||
},
|
|
||||||
)
|
|
||||||
|
|
||||||
_, portStr, err := net.SplitHostPort(metricsConfig.addr)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("failed to split host:port for metrics address: %v", err)
|
return nil, fmt.Errorf("failed to convert metrics server address to container port: %v", err)
|
||||||
}
|
}
|
||||||
port, err := strconv.ParseInt(portStr, 10, 32)
|
ports = append(ports, port)
|
||||||
if err != nil {
|
|
||||||
return nil, fmt.Errorf("failed to convert port %q to int32: %v", portStr, err)
|
|
||||||
}
|
|
||||||
ports = append(
|
|
||||||
ports,
|
|
||||||
corev1.ContainerPort{
|
|
||||||
ContainerPort: int32(port),
|
|
||||||
Protocol: corev1.ProtocolTCP,
|
|
||||||
Name: "metrics",
|
|
||||||
},
|
|
||||||
)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
podSpec := corev1.PodSpec{
|
podSpec := corev1.PodSpec{
|
||||||
ServiceAccountName: serviceAccount.Name,
|
ServiceAccountName: serviceAccount.Name,
|
||||||
Containers: []corev1.Container{
|
Containers: []corev1.Container{
|
||||||
{
|
{
|
||||||
Name: autoscalingListenerContainerName,
|
Name: autoscalingListenerContainerName,
|
||||||
Image: autoscalingListener.Spec.Image,
|
Image: autoscalingListener.Spec.Image,
|
||||||
Env: listenerEnv,
|
Env: listenerEnv,
|
||||||
ImagePullPolicy: scaleSetListenerImagePullPolicy,
|
|
||||||
Command: []string{
|
Command: []string{
|
||||||
"/github-runnerscaleset-listener",
|
"/github-runnerscaleset-listener",
|
||||||
},
|
},
|
||||||
Ports: ports,
|
Ports: ports,
|
||||||
|
VolumeMounts: []corev1.VolumeMount{
|
||||||
|
{
|
||||||
|
Name: "listener-config",
|
||||||
|
MountPath: "/etc/gha-listener",
|
||||||
|
ReadOnly: true,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Volumes: []corev1.Volume{
|
||||||
|
{
|
||||||
|
Name: "listener-config",
|
||||||
|
VolumeSource: corev1.VolumeSource{
|
||||||
|
Secret: &corev1.SecretVolumeSource{
|
||||||
|
SecretName: podConfig.Name,
|
||||||
|
},
|
||||||
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
ImagePullSecrets: autoscalingListener.Spec.ImagePullSecrets,
|
ImagePullSecrets: autoscalingListener.Spec.ImagePullSecrets,
|
||||||
@@ -317,7 +277,9 @@ func (b *resourceBuilder) newScaleSetListenerPod(autoscalingListener *v1alpha1.A
|
|||||||
}
|
}
|
||||||
|
|
||||||
func mergeListenerPodWithTemplate(pod *corev1.Pod, tmpl *corev1.PodTemplateSpec) {
|
func mergeListenerPodWithTemplate(pod *corev1.Pod, tmpl *corev1.PodTemplateSpec) {
|
||||||
// apply metadata
|
if pod.Annotations == nil {
|
||||||
|
pod.Annotations = make(map[string]string)
|
||||||
|
}
|
||||||
for k, v := range tmpl.Annotations {
|
for k, v := range tmpl.Annotations {
|
||||||
if _, ok := pod.Annotations[k]; !ok {
|
if _, ok := pod.Annotations[k]; !ok {
|
||||||
pod.Annotations[k] = v
|
pod.Annotations[k] = v
|
||||||
@@ -346,7 +308,7 @@ func mergeListenerPodWithTemplate(pod *corev1.Pod, tmpl *corev1.PodTemplateSpec)
|
|||||||
}
|
}
|
||||||
|
|
||||||
// apply pod related spec
|
// apply pod related spec
|
||||||
// NOTE: fields that should be gnored
|
// NOTE: fields that should be ignored
|
||||||
// - service account based fields
|
// - service account based fields
|
||||||
|
|
||||||
if tmpl.Spec.RestartPolicy != "" {
|
if tmpl.Spec.RestartPolicy != "" {
|
||||||
@@ -357,7 +319,7 @@ func mergeListenerPodWithTemplate(pod *corev1.Pod, tmpl *corev1.PodTemplateSpec)
|
|||||||
pod.Spec.ImagePullSecrets = tmpl.Spec.ImagePullSecrets
|
pod.Spec.ImagePullSecrets = tmpl.Spec.ImagePullSecrets
|
||||||
}
|
}
|
||||||
|
|
||||||
pod.Spec.Volumes = tmpl.Spec.Volumes
|
pod.Spec.Volumes = append(pod.Spec.Volumes, tmpl.Spec.Volumes...)
|
||||||
pod.Spec.InitContainers = tmpl.Spec.InitContainers
|
pod.Spec.InitContainers = tmpl.Spec.InitContainers
|
||||||
pod.Spec.EphemeralContainers = tmpl.Spec.EphemeralContainers
|
pod.Spec.EphemeralContainers = tmpl.Spec.EphemeralContainers
|
||||||
pod.Spec.TerminationGracePeriodSeconds = tmpl.Spec.TerminationGracePeriodSeconds
|
pod.Spec.TerminationGracePeriodSeconds = tmpl.Spec.TerminationGracePeriodSeconds
|
||||||
@@ -403,16 +365,9 @@ func mergeListenerContainer(base, from *corev1.Container) {
|
|||||||
base.Command = from.Command
|
base.Command = from.Command
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, v := range from.Env {
|
base.Env = append(base.Env, from.Env...)
|
||||||
if _, ok := reservedListenerContainerEnvKeys[v.Name]; !ok {
|
|
||||||
base.Env = append(base.Env, v)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if from.ImagePullPolicy != "" {
|
|
||||||
base.ImagePullPolicy = from.ImagePullPolicy
|
|
||||||
}
|
|
||||||
|
|
||||||
|
base.ImagePullPolicy = from.ImagePullPolicy
|
||||||
base.Args = append(base.Args, from.Args...)
|
base.Args = append(base.Args, from.Args...)
|
||||||
base.WorkingDir = from.WorkingDir
|
base.WorkingDir = from.WorkingDir
|
||||||
base.Ports = append(base.Ports, from.Ports...)
|
base.Ports = append(base.Ports, from.Ports...)
|
||||||
@@ -428,6 +383,8 @@ func mergeListenerContainer(base, from *corev1.Container) {
|
|||||||
base.TerminationMessagePolicy = from.TerminationMessagePolicy
|
base.TerminationMessagePolicy = from.TerminationMessagePolicy
|
||||||
base.ImagePullPolicy = from.ImagePullPolicy
|
base.ImagePullPolicy = from.ImagePullPolicy
|
||||||
base.SecurityContext = from.SecurityContext
|
base.SecurityContext = from.SecurityContext
|
||||||
|
base.ResizePolicy = from.ResizePolicy
|
||||||
|
base.RestartPolicy = from.RestartPolicy
|
||||||
base.Stdin = from.Stdin
|
base.Stdin = from.Stdin
|
||||||
base.StdinOnce = from.StdinOnce
|
base.StdinOnce = from.StdinOnce
|
||||||
base.TTY = from.TTY
|
base.TTY = from.TTY
|
||||||
@@ -680,6 +637,10 @@ func (b *resourceBuilder) newEphemeralRunnerJitSecret(ephemeralRunner *v1alpha1.
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func scaleSetListenerConfigName(autoscalingListener *v1alpha1.AutoscalingListener) string {
|
||||||
|
return fmt.Sprintf("%s-config", autoscalingListener.Name)
|
||||||
|
}
|
||||||
|
|
||||||
func scaleSetListenerName(autoscalingRunnerSet *v1alpha1.AutoscalingRunnerSet) string {
|
func scaleSetListenerName(autoscalingRunnerSet *v1alpha1.AutoscalingRunnerSet) string {
|
||||||
namespaceHash := hash.FNVHashString(autoscalingRunnerSet.Namespace)
|
namespaceHash := hash.FNVHashString(autoscalingRunnerSet.Namespace)
|
||||||
if len(namespaceHash) > 8 {
|
if len(namespaceHash) > 8 {
|
||||||
|
|||||||
@@ -68,7 +68,7 @@ func TestLabelPropagation(t *testing.T) {
|
|||||||
Name: "test",
|
Name: "test",
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
listenerPod, err := b.newScaleSetListenerPod(listener, listenerServiceAccount, listenerSecret, nil)
|
listenerPod, err := b.newScaleSetListenerPod(listener, &corev1.Secret{}, listenerServiceAccount, listenerSecret, nil)
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
assert.Equal(t, listenerPod.Labels, listener.Labels)
|
assert.Equal(t, listenerPod.Labels, listener.Labels)
|
||||||
|
|
||||||
|
|||||||
@@ -16,7 +16,9 @@ import (
|
|||||||
"k8s.io/apimachinery/pkg/types"
|
"k8s.io/apimachinery/pkg/types"
|
||||||
"k8s.io/client-go/kubernetes/scheme"
|
"k8s.io/client-go/kubernetes/scheme"
|
||||||
ctrl "sigs.k8s.io/controller-runtime"
|
ctrl "sigs.k8s.io/controller-runtime"
|
||||||
|
"sigs.k8s.io/controller-runtime/pkg/cache"
|
||||||
logf "sigs.k8s.io/controller-runtime/pkg/log"
|
logf "sigs.k8s.io/controller-runtime/pkg/log"
|
||||||
|
metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
|
||||||
|
|
||||||
. "github.com/onsi/ginkgo/v2"
|
. "github.com/onsi/ginkgo/v2"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
@@ -69,8 +71,14 @@ func SetupIntegrationTest(ctx2 context.Context) *testEnvironment {
|
|||||||
Expect(err).NotTo(HaveOccurred(), "failed to create test namespace")
|
Expect(err).NotTo(HaveOccurred(), "failed to create test namespace")
|
||||||
|
|
||||||
mgr, err := ctrl.NewManager(cfg, ctrl.Options{
|
mgr, err := ctrl.NewManager(cfg, ctrl.Options{
|
||||||
Namespace: ns.Name,
|
Cache: cache.Options{
|
||||||
MetricsBindAddress: "0",
|
DefaultNamespaces: map[string]cache.Config{
|
||||||
|
ns.Name: {},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Metrics: metricsserver.Options{
|
||||||
|
BindAddress: "0",
|
||||||
|
},
|
||||||
})
|
})
|
||||||
Expect(err).NotTo(HaveOccurred(), "failed to create manager")
|
Expect(err).NotTo(HaveOccurred(), "failed to create manager")
|
||||||
|
|
||||||
|
|||||||
@@ -13,12 +13,14 @@ import (
|
|||||||
"k8s.io/apimachinery/pkg/types"
|
"k8s.io/apimachinery/pkg/types"
|
||||||
"k8s.io/client-go/kubernetes/scheme"
|
"k8s.io/client-go/kubernetes/scheme"
|
||||||
ctrl "sigs.k8s.io/controller-runtime"
|
ctrl "sigs.k8s.io/controller-runtime"
|
||||||
|
"sigs.k8s.io/controller-runtime/pkg/cache"
|
||||||
logf "sigs.k8s.io/controller-runtime/pkg/log"
|
logf "sigs.k8s.io/controller-runtime/pkg/log"
|
||||||
|
|
||||||
. "github.com/onsi/ginkgo/v2"
|
. "github.com/onsi/ginkgo/v2"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
"sigs.k8s.io/controller-runtime/pkg/client"
|
"sigs.k8s.io/controller-runtime/pkg/client"
|
||||||
|
metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
|
||||||
|
|
||||||
actionsv1alpha1 "github.com/actions/actions-runner-controller/apis/actions.summerwind.net/v1alpha1"
|
actionsv1alpha1 "github.com/actions/actions-runner-controller/apis/actions.summerwind.net/v1alpha1"
|
||||||
)
|
)
|
||||||
@@ -143,8 +145,14 @@ func SetupDeploymentTest(ctx2 context.Context) *corev1.Namespace {
|
|||||||
Expect(err).NotTo(HaveOccurred(), "failed to create test namespace")
|
Expect(err).NotTo(HaveOccurred(), "failed to create test namespace")
|
||||||
|
|
||||||
mgr, err := ctrl.NewManager(cfg, ctrl.Options{
|
mgr, err := ctrl.NewManager(cfg, ctrl.Options{
|
||||||
Namespace: ns.Name,
|
Cache: cache.Options{
|
||||||
MetricsBindAddress: "0",
|
DefaultNamespaces: map[string]cache.Config{
|
||||||
|
ns.Name: {},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Metrics: metricsserver.Options{
|
||||||
|
BindAddress: "0",
|
||||||
|
},
|
||||||
})
|
})
|
||||||
Expect(err).NotTo(HaveOccurred(), "failed to create manager")
|
Expect(err).NotTo(HaveOccurred(), "failed to create manager")
|
||||||
|
|
||||||
|
|||||||
@@ -9,7 +9,9 @@ import (
|
|||||||
corev1 "k8s.io/api/core/v1"
|
corev1 "k8s.io/api/core/v1"
|
||||||
"k8s.io/client-go/kubernetes/scheme"
|
"k8s.io/client-go/kubernetes/scheme"
|
||||||
ctrl "sigs.k8s.io/controller-runtime"
|
ctrl "sigs.k8s.io/controller-runtime"
|
||||||
|
"sigs.k8s.io/controller-runtime/pkg/cache"
|
||||||
logf "sigs.k8s.io/controller-runtime/pkg/log"
|
logf "sigs.k8s.io/controller-runtime/pkg/log"
|
||||||
|
metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
|
||||||
|
|
||||||
. "github.com/onsi/ginkgo/v2"
|
. "github.com/onsi/ginkgo/v2"
|
||||||
. "github.com/onsi/gomega"
|
. "github.com/onsi/gomega"
|
||||||
@@ -46,8 +48,14 @@ func SetupTest(ctx2 context.Context) *corev1.Namespace {
|
|||||||
Expect(err).NotTo(HaveOccurred(), "failed to create test namespace")
|
Expect(err).NotTo(HaveOccurred(), "failed to create test namespace")
|
||||||
|
|
||||||
mgr, err := ctrl.NewManager(cfg, ctrl.Options{
|
mgr, err := ctrl.NewManager(cfg, ctrl.Options{
|
||||||
Namespace: ns.Name,
|
Cache: cache.Options{
|
||||||
MetricsBindAddress: "0",
|
DefaultNamespaces: map[string]cache.Config{
|
||||||
|
ns.Name: {},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Metrics: metricsserver.Options{
|
||||||
|
BindAddress: "0",
|
||||||
|
},
|
||||||
})
|
})
|
||||||
Expect(err).NotTo(HaveOccurred(), "failed to create manager")
|
Expect(err).NotTo(HaveOccurred(), "failed to create manager")
|
||||||
|
|
||||||
|
|||||||
@@ -43,12 +43,32 @@ You can follow [this troubleshooting guide](https://docs.github.com/en/actions/h
|
|||||||
|
|
||||||
## Changelog
|
## Changelog
|
||||||
|
|
||||||
|
### v0.7.0
|
||||||
|
1. Add ResizePolicy and RestartPolicy on mergeListenerContainer [#3075](https://github.com/actions/actions-runner-controller/pull/3075)
|
||||||
|
1. feat: GHA controller Helm Chart quoted labels [#3061](https://github.com/actions/actions-runner-controller/pull/3061)
|
||||||
|
1. Update authorization for PAT to be Bearer as documented [#3039](https://github.com/actions/actions-runner-controller/pull/3039)
|
||||||
|
1. Metrics: set max and min runners during startup time [#3032](https://github.com/actions/actions-runner-controller/pull/3032)
|
||||||
|
1. Update Chart.yaml home URLs [#3013](https://github.com/actions/actions-runner-controller/pull/3013)
|
||||||
|
1. Remove inheritance of imagePullPolicy from manager to listeners [#3009](https://github.com/actions/actions-runner-controller/pull/3009)
|
||||||
|
1. Trim down metrics cardinality [#3003](https://github.com/actions/actions-runner-controller/pull/3003)
|
||||||
|
1. Fix role and rolebinding cleanup for the listener controller [#2970](https://github.com/actions/actions-runner-controller/pull/2970)
|
||||||
|
1. Configure listener pod with the secret instead of env [#2965](https://github.com/actions/actions-runner-controller/pull/2965)
|
||||||
|
1. Allow custom labels to be specified for controller pods [#2952](https://github.com/actions/actions-runner-controller/pull/2952)
|
||||||
|
1. Bump go version and all direct dependencies to newest for k8s compatibility [#2947](https://github.com/actions/actions-runner-controller/pull/2947)
|
||||||
|
1. chore: Service accounts in Kubernetes mode can now be annotated. [#2566](https://github.com/actions/actions-runner-controller/pull/2566)
|
||||||
|
|
||||||
|
### v0.6.1
|
||||||
|
1. Replace TLS dockerd connection with unix socket [#2833](https://github.com/actions/actions-runner-controller/pull/2833)
|
||||||
|
1. Fix name override labels when runnerScaleSetName value is set [#2915](https://github.com/actions/actions-runner-controller/pull/2915)
|
||||||
|
1. Fix nil map when annotations are applied [#2916](https://github.com/actions/actions-runner-controller/pull/2916)
|
||||||
|
1. Updates: container-hooks to v0.4.0 [#2928](https://github.com/actions/actions-runner-controller/pull/2928)
|
||||||
|
|
||||||
### v0.6.0
|
### v0.6.0
|
||||||
1. Fix parsing AcquireJob MessageQueueTokenExpiredError (#2837)[https://github.com/actions/actions-runner-controller/pull/2837]
|
1. Fix parsing AcquireJob MessageQueueTokenExpiredError [#2837](https://github.com/actions/actions-runner-controller/pull/2837)
|
||||||
1. Set restart policy on the runner pod to Never if restartPolicy is not set in template (#2787)[https://github.com/actions/actions-runner-controller/pull/2787]
|
1. Set restart policy on the runner pod to Never if restartPolicy is not set in template [#2787](https://github.com/actions/actions-runner-controller/pull/2787)
|
||||||
1. Set the AutoscalingRunnerSet name to runnerScaleSetName (#2803)[https://github.com/actions/actions-runner-controller/pull/2803]
|
1. Set the AutoscalingRunnerSet name to runnerScaleSetName [#2803](https://github.com/actions/actions-runner-controller/pull/2803)
|
||||||
1. Extend and generate crds allowing listener pod spec change (#2758)[https://github.com/actions/actions-runner-controller/pull/2758]
|
1. Extend and generate crds allowing listener pod spec change [#2758](https://github.com/actions/actions-runner-controller/pull/2758)
|
||||||
1. Extend the user agent and fix the build version for the listener app (#2892)[https://github.com/actions/actions-runner-controller/pull/2892]
|
1. Extend the user agent and fix the build version for the listener app [#2892](https://github.com/actions/actions-runner-controller/pull/2892)
|
||||||
|
|
||||||
### v0.5.0
|
### v0.5.0
|
||||||
|
|
||||||
|
|||||||
@@ -6,11 +6,10 @@ import (
|
|||||||
"crypto/sha256"
|
"crypto/sha256"
|
||||||
"crypto/tls"
|
"crypto/tls"
|
||||||
"crypto/x509"
|
"crypto/x509"
|
||||||
"encoding/base64"
|
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"log"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
"strconv"
|
"strconv"
|
||||||
@@ -58,6 +57,28 @@ type ActionsService interface {
|
|||||||
SetUserAgent(info UserAgentInfo)
|
SetUserAgent(info UserAgentInfo)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type clientLogger struct {
|
||||||
|
logr.Logger
|
||||||
|
}
|
||||||
|
|
||||||
|
func (l *clientLogger) Info(msg string, keysAndValues ...interface{}) {
|
||||||
|
l.Logger.Info(msg, keysAndValues...)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (l *clientLogger) Debug(msg string, keysAndValues ...interface{}) {
|
||||||
|
// discard debug log
|
||||||
|
}
|
||||||
|
|
||||||
|
func (l *clientLogger) Error(msg string, keysAndValues ...interface{}) {
|
||||||
|
l.Logger.Error(errors.New(msg), "Retryable client error", keysAndValues...)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (l *clientLogger) Warn(msg string, keysAndValues ...interface{}) {
|
||||||
|
l.Logger.Info(msg, keysAndValues...)
|
||||||
|
}
|
||||||
|
|
||||||
|
var _ retryablehttp.LeveledLogger = &clientLogger{}
|
||||||
|
|
||||||
type Client struct {
|
type Client struct {
|
||||||
*http.Client
|
*http.Client
|
||||||
|
|
||||||
@@ -169,11 +190,13 @@ func NewClient(githubConfigURL string, creds *ActionsAuth, options ...ClientOpti
|
|||||||
}
|
}
|
||||||
|
|
||||||
retryClient := retryablehttp.NewClient()
|
retryClient := retryablehttp.NewClient()
|
||||||
retryClient.Logger = log.New(io.Discard, "", log.LstdFlags)
|
retryClient.Logger = &clientLogger{Logger: ac.logger}
|
||||||
|
|
||||||
retryClient.RetryMax = ac.retryMax
|
retryClient.RetryMax = ac.retryMax
|
||||||
retryClient.RetryWaitMax = ac.retryWaitMax
|
retryClient.RetryWaitMax = ac.retryWaitMax
|
||||||
|
|
||||||
|
retryClient.HTTPClient.Timeout = 5 * time.Minute // timeout must be > 1m to accomodate long polling
|
||||||
|
|
||||||
transport, ok := retryClient.HTTPClient.Transport.(*http.Transport)
|
transport, ok := retryClient.HTTPClient.Transport.(*http.Transport)
|
||||||
if !ok {
|
if !ok {
|
||||||
// this should always be true, because retryablehttp.NewClient() uses
|
// this should always be true, because retryablehttp.NewClient() uses
|
||||||
@@ -835,8 +858,7 @@ func (c *Client) getRunnerRegistrationToken(ctx context.Context) (*registrationT
|
|||||||
bearerToken := ""
|
bearerToken := ""
|
||||||
|
|
||||||
if c.creds.Token != "" {
|
if c.creds.Token != "" {
|
||||||
encodedToken := base64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("github:%v", c.creds.Token)))
|
bearerToken = fmt.Sprintf("Bearer %v", c.creds.Token)
|
||||||
bearerToken = fmt.Sprintf("Basic %v", encodedToken)
|
|
||||||
} else {
|
} else {
|
||||||
accessToken, err := c.fetchAccessToken(ctx, c.config.ConfigURL.String(), c.creds.AppCreds)
|
accessToken, err := c.fetchAccessToken(ctx, c.config.ConfigURL.String(), c.creds.AppCreds)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|||||||
120
go.mod
120
go.mod
@@ -1,80 +1,81 @@
|
|||||||
module github.com/actions/actions-runner-controller
|
module github.com/actions/actions-runner-controller
|
||||||
|
|
||||||
go 1.20
|
go 1.21.3
|
||||||
|
|
||||||
require (
|
require (
|
||||||
github.com/bradleyfalzon/ghinstallation/v2 v2.1.0
|
github.com/bradleyfalzon/ghinstallation/v2 v2.8.0
|
||||||
github.com/davecgh/go-spew v1.1.1
|
github.com/davecgh/go-spew v1.1.1
|
||||||
github.com/evanphx/json-patch v4.12.0+incompatible
|
github.com/evanphx/json-patch v5.7.0+incompatible
|
||||||
github.com/go-logr/logr v1.2.4
|
github.com/go-logr/logr v1.3.0
|
||||||
github.com/golang-jwt/jwt/v4 v4.5.0
|
github.com/golang-jwt/jwt/v4 v4.5.0
|
||||||
github.com/google/go-cmp v0.5.9
|
github.com/google/go-cmp v0.6.0
|
||||||
github.com/google/go-github/v52 v52.0.0
|
github.com/google/go-github/v52 v52.0.0
|
||||||
github.com/google/uuid v1.3.0
|
github.com/google/uuid v1.4.0
|
||||||
github.com/gorilla/mux v1.8.0
|
github.com/gorilla/mux v1.8.1
|
||||||
github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79
|
github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79
|
||||||
github.com/gruntwork-io/terratest v0.41.24
|
github.com/gruntwork-io/terratest v0.41.24
|
||||||
github.com/hashicorp/go-retryablehttp v0.7.2
|
github.com/hashicorp/go-retryablehttp v0.7.5
|
||||||
github.com/kelseyhightower/envconfig v1.4.0
|
github.com/kelseyhightower/envconfig v1.4.0
|
||||||
github.com/onsi/ginkgo v1.16.5
|
github.com/onsi/ginkgo v1.16.5
|
||||||
github.com/onsi/ginkgo/v2 v2.11.0
|
github.com/onsi/ginkgo/v2 v2.13.1
|
||||||
github.com/onsi/gomega v1.27.8
|
github.com/onsi/gomega v1.29.0
|
||||||
github.com/pkg/errors v0.9.1
|
github.com/pkg/errors v0.9.1
|
||||||
github.com/prometheus/client_golang v1.15.0
|
github.com/prometheus/client_golang v1.17.0
|
||||||
github.com/stretchr/testify v1.8.2
|
github.com/stretchr/testify v1.8.4
|
||||||
github.com/teambition/rrule-go v1.8.2
|
github.com/teambition/rrule-go v1.8.2
|
||||||
go.uber.org/multierr v1.10.0
|
go.uber.org/multierr v1.11.0
|
||||||
go.uber.org/zap v1.24.0
|
go.uber.org/zap v1.26.0
|
||||||
golang.org/x/net v0.12.0
|
golang.org/x/net v0.18.0
|
||||||
golang.org/x/oauth2 v0.7.0
|
golang.org/x/oauth2 v0.14.0
|
||||||
golang.org/x/sync v0.2.0
|
golang.org/x/sync v0.5.0
|
||||||
gomodules.xyz/jsonpatch/v2 v2.2.0
|
gomodules.xyz/jsonpatch/v2 v2.4.0
|
||||||
gopkg.in/yaml.v2 v2.4.0
|
gopkg.in/yaml.v2 v2.4.0
|
||||||
k8s.io/api v0.26.2
|
k8s.io/api v0.28.3
|
||||||
k8s.io/apimachinery v0.26.2
|
k8s.io/apimachinery v0.28.3
|
||||||
k8s.io/client-go v0.26.2
|
k8s.io/client-go v0.28.3
|
||||||
sigs.k8s.io/controller-runtime v0.14.4
|
sigs.k8s.io/controller-runtime v0.16.3
|
||||||
sigs.k8s.io/yaml v1.3.0
|
sigs.k8s.io/yaml v1.4.0
|
||||||
)
|
)
|
||||||
|
|
||||||
require (
|
require (
|
||||||
github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 // indirect
|
github.com/ProtonMail/go-crypto v0.0.0-20230923063757-afb1ddc0824c // indirect
|
||||||
github.com/aws/aws-sdk-go v1.44.122 // indirect
|
github.com/aws/aws-sdk-go v1.44.122 // indirect
|
||||||
github.com/beorn7/perks v1.0.1 // indirect
|
github.com/beorn7/perks v1.0.1 // indirect
|
||||||
github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc // indirect
|
github.com/boombuler/barcode v1.0.1 // indirect
|
||||||
github.com/cespare/xxhash/v2 v2.2.0 // indirect
|
github.com/cespare/xxhash/v2 v2.2.0 // indirect
|
||||||
github.com/cloudflare/circl v1.3.3 // indirect
|
github.com/cloudflare/circl v1.3.6 // indirect
|
||||||
github.com/cpuguy83/go-md2man/v2 v2.0.0 // indirect
|
github.com/cpuguy83/go-md2man/v2 v2.0.0 // indirect
|
||||||
github.com/emicklei/go-restful/v3 v3.9.0 // indirect
|
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
|
||||||
github.com/evanphx/json-patch/v5 v5.6.0 // indirect
|
github.com/evanphx/json-patch/v5 v5.7.0 // indirect
|
||||||
github.com/fsnotify/fsnotify v1.6.0 // indirect
|
github.com/fsnotify/fsnotify v1.7.0 // indirect
|
||||||
github.com/ghodss/yaml v1.0.0 // indirect
|
github.com/ghodss/yaml v1.0.0 // indirect
|
||||||
github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0 // indirect
|
github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0 // indirect
|
||||||
github.com/go-logr/zapr v1.2.3 // indirect
|
github.com/go-logr/zapr v1.3.0 // indirect
|
||||||
github.com/go-openapi/jsonpointer v0.19.5 // indirect
|
github.com/go-openapi/jsonpointer v0.20.0 // indirect
|
||||||
github.com/go-openapi/jsonreference v0.20.0 // indirect
|
github.com/go-openapi/jsonreference v0.20.2 // indirect
|
||||||
github.com/go-openapi/swag v0.19.14 // indirect
|
github.com/go-openapi/swag v0.22.4 // indirect
|
||||||
github.com/go-sql-driver/mysql v1.4.1 // indirect
|
github.com/go-sql-driver/mysql v1.4.1 // indirect
|
||||||
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
|
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
|
||||||
github.com/gogo/protobuf v1.3.2 // indirect
|
github.com/gogo/protobuf v1.3.2 // indirect
|
||||||
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
|
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
|
||||||
github.com/golang/protobuf v1.5.3 // indirect
|
github.com/golang/protobuf v1.5.3 // indirect
|
||||||
github.com/google/gnostic v0.5.7-v3refs // indirect
|
github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49 // indirect
|
||||||
github.com/google/go-github/v45 v45.2.0 // indirect
|
github.com/google/go-github/v56 v56.0.0 // indirect
|
||||||
github.com/google/go-querystring v1.1.0 // indirect
|
github.com/google/go-querystring v1.1.0 // indirect
|
||||||
github.com/google/gofuzz v1.1.0 // indirect
|
github.com/google/gofuzz v1.2.0 // indirect
|
||||||
github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38 // indirect
|
github.com/google/pprof v0.0.0-20231101202521-4ca4178f5c7a // indirect
|
||||||
github.com/gruntwork-io/go-commons v0.8.0 // indirect
|
github.com/gruntwork-io/go-commons v0.8.0 // indirect
|
||||||
github.com/hashicorp/errwrap v1.0.0 // indirect
|
github.com/hashicorp/errwrap v1.0.0 // indirect
|
||||||
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
|
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
|
||||||
github.com/hashicorp/go-multierror v1.1.0 // indirect
|
github.com/hashicorp/go-multierror v1.1.0 // indirect
|
||||||
github.com/imdario/mergo v0.3.12 // indirect
|
github.com/imdario/mergo v0.3.16 // indirect
|
||||||
github.com/jmespath/go-jmespath v0.4.0 // indirect
|
github.com/jmespath/go-jmespath v0.4.0 // indirect
|
||||||
github.com/josharian/intern v1.0.0 // indirect
|
github.com/josharian/intern v1.0.0 // indirect
|
||||||
github.com/json-iterator/go v1.1.12 // indirect
|
github.com/json-iterator/go v1.1.12 // indirect
|
||||||
github.com/mailru/easyjson v0.7.6 // indirect
|
github.com/mailru/easyjson v0.7.7 // indirect
|
||||||
github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326 // indirect
|
github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326 // indirect
|
||||||
github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
|
github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
|
||||||
|
github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect
|
||||||
github.com/mitchellh/go-homedir v1.1.0 // indirect
|
github.com/mitchellh/go-homedir v1.1.0 // indirect
|
||||||
github.com/moby/spdystream v0.2.0 // indirect
|
github.com/moby/spdystream v0.2.0 // indirect
|
||||||
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
|
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
|
||||||
@@ -82,32 +83,31 @@ require (
|
|||||||
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
|
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
|
||||||
github.com/pmezard/go-difflib v1.0.0 // indirect
|
github.com/pmezard/go-difflib v1.0.0 // indirect
|
||||||
github.com/pquerna/otp v1.2.0 // indirect
|
github.com/pquerna/otp v1.2.0 // indirect
|
||||||
github.com/prometheus/client_model v0.3.0 // indirect
|
github.com/prometheus/client_model v0.5.0 // indirect
|
||||||
github.com/prometheus/common v0.42.0 // indirect
|
github.com/prometheus/common v0.45.0 // indirect
|
||||||
github.com/prometheus/procfs v0.9.0 // indirect
|
github.com/prometheus/procfs v0.12.0 // indirect
|
||||||
github.com/rogpeppe/go-internal v1.10.0 // indirect
|
|
||||||
github.com/russross/blackfriday/v2 v2.1.0 // indirect
|
github.com/russross/blackfriday/v2 v2.1.0 // indirect
|
||||||
github.com/spf13/pflag v1.0.5 // indirect
|
github.com/spf13/pflag v1.0.5 // indirect
|
||||||
github.com/stretchr/objx v0.5.0 // indirect
|
github.com/stretchr/objx v0.5.1 // indirect
|
||||||
github.com/urfave/cli v1.22.2 // indirect
|
github.com/urfave/cli v1.22.2 // indirect
|
||||||
go.uber.org/atomic v1.7.0 // indirect
|
golang.org/x/crypto v0.15.0 // indirect
|
||||||
golang.org/x/crypto v0.11.0 // indirect
|
golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa // indirect
|
||||||
golang.org/x/sys v0.10.0 // indirect
|
golang.org/x/sys v0.14.0 // indirect
|
||||||
golang.org/x/term v0.10.0 // indirect
|
golang.org/x/term v0.14.0 // indirect
|
||||||
golang.org/x/text v0.11.0 // indirect
|
golang.org/x/text v0.14.0 // indirect
|
||||||
golang.org/x/time v0.3.0 // indirect
|
golang.org/x/time v0.4.0 // indirect
|
||||||
golang.org/x/tools v0.9.3 // indirect
|
golang.org/x/tools v0.15.0 // indirect
|
||||||
google.golang.org/appengine v1.6.7 // indirect
|
google.golang.org/appengine v1.6.8 // indirect
|
||||||
google.golang.org/protobuf v1.30.0 // indirect
|
google.golang.org/protobuf v1.31.0 // indirect
|
||||||
gopkg.in/inf.v0 v0.9.1 // indirect
|
gopkg.in/inf.v0 v0.9.1 // indirect
|
||||||
gopkg.in/yaml.v3 v3.0.1 // indirect
|
gopkg.in/yaml.v3 v3.0.1 // indirect
|
||||||
k8s.io/apiextensions-apiserver v0.26.1 // indirect
|
k8s.io/apiextensions-apiserver v0.28.3 // indirect
|
||||||
k8s.io/component-base v0.26.1 // indirect
|
k8s.io/component-base v0.28.3 // indirect
|
||||||
k8s.io/klog/v2 v2.80.1 // indirect
|
k8s.io/klog/v2 v2.110.1 // indirect
|
||||||
k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 // indirect
|
k8s.io/kube-openapi v0.0.0-20231113174909-778a5567bc1e // indirect
|
||||||
k8s.io/utils v0.0.0-20221128185143-99ec85e7a448 // indirect
|
k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
|
||||||
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
|
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
|
||||||
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
|
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
|
||||||
)
|
)
|
||||||
|
|
||||||
replace github.com/gregjones/httpcache => github.com/actions-runner-controller/httpcache v0.2.0
|
replace github.com/gregjones/httpcache => github.com/actions-runner-controller/httpcache v0.2.0
|
||||||
|
|||||||
392
go.sum
392
go.sum
@@ -1,32 +1,30 @@
|
|||||||
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
|
|
||||||
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
||||||
github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 h1:wPbRQzjjwFc0ih8puEVAOFGELsn1zoIIYdxvML7mDxA=
|
github.com/ProtonMail/go-crypto v0.0.0-20230923063757-afb1ddc0824c h1:kMFnB0vCcX7IL/m9Y5LO+KQYv+t1CQOiFe6+SV2J7bE=
|
||||||
github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8/go.mod h1:I0gYDMZ6Z5GRU7l58bNFSkPTFN6Yl12dsUlAZ8xy98g=
|
github.com/ProtonMail/go-crypto v0.0.0-20230923063757-afb1ddc0824c/go.mod h1:EjAoLdwvbIOoOQr3ihjnSoLZRtE8azugULFRteWMNc0=
|
||||||
github.com/actions-runner-controller/httpcache v0.2.0 h1:hCNvYuVPJ2xxYBymqBvH0hSiQpqz4PHF/LbU3XghGNI=
|
github.com/actions-runner-controller/httpcache v0.2.0 h1:hCNvYuVPJ2xxYBymqBvH0hSiQpqz4PHF/LbU3XghGNI=
|
||||||
github.com/actions-runner-controller/httpcache v0.2.0/go.mod h1:JLu9/2M/btPz1Zu/vTZ71XzukQHn2YeISPmJoM5exBI=
|
github.com/actions-runner-controller/httpcache v0.2.0/go.mod h1:JLu9/2M/btPz1Zu/vTZ71XzukQHn2YeISPmJoM5exBI=
|
||||||
github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
|
github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
|
||||||
|
github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
|
||||||
github.com/aws/aws-sdk-go v1.44.122 h1:p6mw01WBaNpbdP2xrisz5tIkcNwzj/HysobNoaAHjgo=
|
github.com/aws/aws-sdk-go v1.44.122 h1:p6mw01WBaNpbdP2xrisz5tIkcNwzj/HysobNoaAHjgo=
|
||||||
github.com/aws/aws-sdk-go v1.44.122/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
|
github.com/aws/aws-sdk-go v1.44.122/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
|
||||||
github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
|
|
||||||
github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
|
github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
|
||||||
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
|
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
|
||||||
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
|
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
|
||||||
github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
|
github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
|
||||||
github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc h1:biVzkmvwrH8WK8raXaxBx6fRVTlJILwEwQGL1I/ByEI=
|
|
||||||
github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
|
github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
|
||||||
github.com/bradleyfalzon/ghinstallation/v2 v2.1.0 h1:5+NghM1Zred9Z078QEZtm28G/kfDfZN/92gkDlLwGVA=
|
github.com/boombuler/barcode v1.0.1 h1:NDBbPmhS+EqABEs5Kg3n/5ZNjy73Pz7SIV+KCeqyXcs=
|
||||||
github.com/bradleyfalzon/ghinstallation/v2 v2.1.0/go.mod h1:Xg3xPRN5Mcq6GDqeUVhFbjEWMb4JHCyWEeeBGEYQoTU=
|
github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
|
||||||
github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0=
|
github.com/bradleyfalzon/ghinstallation/v2 v2.8.0 h1:yUmoVv70H3J4UOqxqsee39+KlXxNEDfTbAp8c/qULKk=
|
||||||
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
|
github.com/bradleyfalzon/ghinstallation/v2 v2.8.0/go.mod h1:fmPmvCiBWhJla3zDv9ZTQSZc8AbwyRnGW1yg5ep1Pcs=
|
||||||
|
github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0=
|
||||||
github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
|
github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
|
||||||
github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
|
github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
|
||||||
github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
|
|
||||||
github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
|
|
||||||
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
|
|
||||||
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
|
|
||||||
github.com/cloudflare/circl v1.1.0/go.mod h1:prBCrKB9DV4poKZY1l9zBXg2QJY7mvgRvtMxxK7fi4I=
|
|
||||||
github.com/cloudflare/circl v1.3.3 h1:fE/Qz0QdIGqeWfnwq0RE0R7MI51s0M2E4Ga9kq5AEMs=
|
github.com/cloudflare/circl v1.3.3 h1:fE/Qz0QdIGqeWfnwq0RE0R7MI51s0M2E4Ga9kq5AEMs=
|
||||||
github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA=
|
github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA=
|
||||||
|
github.com/cloudflare/circl v1.3.5 h1:g+wWynZqVALYAlpSQFAa7TscDnUK8mKYtrxMpw6AUKo=
|
||||||
|
github.com/cloudflare/circl v1.3.5/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA=
|
||||||
|
github.com/cloudflare/circl v1.3.6 h1:/xbKIqSHbZXHwkhbrhrt2YOHIwYJlXH94E3tI/gDlUg=
|
||||||
|
github.com/cloudflare/circl v1.3.6/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA=
|
||||||
github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
|
github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
|
||||||
github.com/cpuguy83/go-md2man/v2 v2.0.0 h1:EoUDS0afbrsXAZ9YQ9jdu/mZ2sXgT1/2yyNng4PGlyM=
|
github.com/cpuguy83/go-md2man/v2 v2.0.0 h1:EoUDS0afbrsXAZ9YQ9jdu/mZ2sXgT1/2yyNng4PGlyM=
|
||||||
github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
|
github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
|
||||||
@@ -34,41 +32,41 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3
|
|||||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE=
|
github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g=
|
||||||
github.com/elazarl/goproxy v0.0.0-20190911111923-ecfe977594f1 h1:yY9rWGoXv1U5pl4gxqlULARMQD7x0QG85lqEXTWysik=
|
github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
|
||||||
github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE=
|
github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ2tG6yudJd8LBksgI=
|
||||||
github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
|
github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
|
||||||
github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
|
github.com/evanphx/json-patch/v5 v5.7.0 h1:nJqP7uwL84RJInrohHfW0Fx3awjbm8qZeFv0nW9SYGc=
|
||||||
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
|
github.com/evanphx/json-patch/v5 v5.7.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ=
|
||||||
github.com/evanphx/json-patch v0.5.2/go.mod h1:ZWS5hhDbVDyob71nXKNL0+PWn6ToqBHMikGIFbs31qQ=
|
|
||||||
github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84=
|
|
||||||
github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
|
|
||||||
github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww=
|
|
||||||
github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4=
|
|
||||||
github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU=
|
github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU=
|
||||||
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
|
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
|
||||||
github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
|
github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
|
||||||
github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY=
|
github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY=
|
||||||
github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw=
|
github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw=
|
||||||
|
github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
|
||||||
|
github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
|
||||||
github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=
|
github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=
|
||||||
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
|
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
|
||||||
github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q=
|
github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q=
|
||||||
github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0 h1:skJKxRtNmevLqnayafdLe2AsenqRupVmzZSqrvb5caU=
|
github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0 h1:skJKxRtNmevLqnayafdLe2AsenqRupVmzZSqrvb5caU=
|
||||||
github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q=
|
github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q=
|
||||||
github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
|
github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
|
||||||
github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
|
|
||||||
github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ=
|
github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ=
|
||||||
github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
|
github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
|
||||||
github.com/go-logr/zapr v1.2.3 h1:a9vnzlIBPQBBkeaR9IuMUfmVOrQlkoC4YfPoFkX3T7A=
|
github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY=
|
||||||
github.com/go-logr/zapr v1.2.3/go.mod h1:eIauM6P8qSvTw5o2ez6UEAfGjQKrxQTl5EoK+Qa2oG4=
|
github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
|
||||||
github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg=
|
github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo=
|
||||||
github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUeOFYEICuY=
|
github.com/go-logr/zapr v1.2.4/go.mod h1:FyHWQIzQORZ0QVE1BtVHv3cKtNLuXsbNLtpuhNapBOA=
|
||||||
github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg=
|
github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ=
|
||||||
github.com/go-openapi/jsonreference v0.20.0 h1:MYlu0sBgChmCfJxxUKZ8g1cPWFOB37YSZqewK7OKeyA=
|
github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg=
|
||||||
github.com/go-openapi/jsonreference v0.20.0/go.mod h1:Ag74Ico3lPc+zR+qjn4XBUmXymS4zJbYVCZmcgkasdo=
|
github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs=
|
||||||
github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
|
github.com/go-openapi/jsonpointer v0.20.0 h1:ESKJdU9ASRfaPNOPRx12IUyA1vn3R9GiE3KYD14BXdQ=
|
||||||
github.com/go-openapi/swag v0.19.14 h1:gm3vOOXfiuw5i9p5N9xJvfjvuofpyvLA9Wr6QfK5Fng=
|
github.com/go-openapi/jsonpointer v0.20.0/go.mod h1:6PGzBjjIIumbLYysB73Klnms1mwnU4G3YHOECG3CedA=
|
||||||
github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ=
|
github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE=
|
||||||
|
github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k=
|
||||||
|
github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14=
|
||||||
|
github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU=
|
||||||
|
github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14=
|
||||||
github.com/go-sql-driver/mysql v1.4.1 h1:g24URVg0OFbNUTx9qqY1IRZ9D9z3iPyi5zKhQZpNwpA=
|
github.com/go-sql-driver/mysql v1.4.1 h1:g24URVg0OFbNUTx9qqY1IRZ9D9z3iPyi5zKhQZpNwpA=
|
||||||
github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
|
github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
|
||||||
github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
|
github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
|
||||||
@@ -76,54 +74,54 @@ github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEe
|
|||||||
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls=
|
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls=
|
||||||
github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
|
github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
|
||||||
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
|
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
|
||||||
github.com/golang-jwt/jwt/v4 v4.4.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
|
|
||||||
github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
|
github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
|
||||||
github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
|
github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
|
||||||
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
|
|
||||||
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
|
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
|
||||||
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
||||||
github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
|
|
||||||
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||||
github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
|
||||||
github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
|
||||||
github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk=
|
|
||||||
github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
|
github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
|
||||||
github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
|
github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
|
||||||
github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
|
github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
|
||||||
github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
|
github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
|
||||||
github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
|
github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
|
||||||
github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
|
|
||||||
github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
|
github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
|
||||||
github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
|
github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
|
||||||
github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
|
github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
|
||||||
github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
|
github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
|
||||||
github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
|
github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
|
||||||
github.com/google/gnostic v0.5.7-v3refs h1:FhTMOKj2VhjpouxvWJAV1TL304uMlb9zcDqkl6cEI54=
|
github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49 h1:0VpGH+cDhbDtdcweoyCVsF3fhN8kejK6rFe/2FFX2nU=
|
||||||
github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ=
|
github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49/go.mod h1:BkkQ4L1KS1xMt2aWSPStnn55ChGC0DPOn2FQYj+f25M=
|
||||||
github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
|
|
||||||
github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
|
github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
|
||||||
github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
|
github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
|
||||||
github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||||
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||||
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||||
github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
|
|
||||||
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
|
|
||||||
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
|
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
|
||||||
github.com/google/go-github/v45 v45.2.0 h1:5oRLszbrkvxDDqBCNj2hjDZMKmvexaZ1xw/FCD+K3FI=
|
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
|
||||||
github.com/google/go-github/v45 v45.2.0/go.mod h1:FObaZJEDSTa/WGCzZ2Z3eoCDXWJKMenWWTrd8jrta28=
|
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
|
||||||
github.com/google/go-github/v52 v52.0.0 h1:uyGWOY+jMQ8GVGSX8dkSwCzlehU3WfdxQ7GweO/JP7M=
|
github.com/google/go-github/v52 v52.0.0 h1:uyGWOY+jMQ8GVGSX8dkSwCzlehU3WfdxQ7GweO/JP7M=
|
||||||
github.com/google/go-github/v52 v52.0.0/go.mod h1:WJV6VEEUPuMo5pXqqa2ZCZEdbQqua4zAk2MZTIo+m+4=
|
github.com/google/go-github/v52 v52.0.0/go.mod h1:WJV6VEEUPuMo5pXqqa2ZCZEdbQqua4zAk2MZTIo+m+4=
|
||||||
|
github.com/google/go-github/v56 v56.0.0 h1:TysL7dMa/r7wsQi44BjqlwaHvwlFlqkK8CtBWCX3gb4=
|
||||||
|
github.com/google/go-github/v56 v56.0.0/go.mod h1:D8cdcX98YWJvi7TLo7zM4/h8ZTx6u6fwGEkCdisopo0=
|
||||||
github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
|
github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
|
||||||
github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
|
github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
|
||||||
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
||||||
github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g=
|
github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
|
||||||
github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
||||||
github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38 h1:yAJXTCF9TqKcTiHJAE8dj7HMvPfh66eeA2JYW7eFpSE=
|
github.com/google/pprof v0.0.0-20230926050212-f7f687d19a98 h1:pUa4ghanp6q4IJHwE9RwLgmVFfReJN+KbQ8ExNEUUoQ=
|
||||||
github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
|
github.com/google/pprof v0.0.0-20230926050212-f7f687d19a98/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik=
|
||||||
github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
|
github.com/google/pprof v0.0.0-20231023181126-ff6d637d2a7b h1:RMpPgZTSApbPf7xaVel+QkoGPRLFLrwFO89uDUHEGf0=
|
||||||
github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
github.com/google/pprof v0.0.0-20231023181126-ff6d637d2a7b/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik=
|
||||||
|
github.com/google/pprof v0.0.0-20231101202521-4ca4178f5c7a h1:fEBsGL/sjAuJrgah5XqmmYsTLzJp/TO9Lhy39gkverk=
|
||||||
|
github.com/google/pprof v0.0.0-20231101202521-4ca4178f5c7a/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik=
|
||||||
|
github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4=
|
||||||
|
github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||||
|
github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4=
|
||||||
|
github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||||
github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI=
|
github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI=
|
||||||
github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
|
github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
|
||||||
|
github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
|
||||||
|
github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
|
||||||
github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
|
github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
|
||||||
github.com/gruntwork-io/go-commons v0.8.0 h1:k/yypwrPqSeYHevLlEDmvmgQzcyTwrlZGRaxEM6G0ro=
|
github.com/gruntwork-io/go-commons v0.8.0 h1:k/yypwrPqSeYHevLlEDmvmgQzcyTwrlZGRaxEM6G0ro=
|
||||||
github.com/gruntwork-io/go-commons v0.8.0/go.mod h1:gtp0yTtIBExIZp7vyIV9I0XQkVwiQZze678hvDXof78=
|
github.com/gruntwork-io/go-commons v0.8.0/go.mod h1:gtp0yTtIBExIZp7vyIV9I0XQkVwiQZze678hvDXof78=
|
||||||
@@ -137,13 +135,13 @@ github.com/hashicorp/go-hclog v0.9.2 h1:CG6TE5H9/JXsFWJCfoIVpKFIkFe6ysEuHirp4DxC
|
|||||||
github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ=
|
github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ=
|
||||||
github.com/hashicorp/go-multierror v1.1.0 h1:B9UzwGQJehnUY1yNrnwREHc3fGbC2xefo8g4TbElacI=
|
github.com/hashicorp/go-multierror v1.1.0 h1:B9UzwGQJehnUY1yNrnwREHc3fGbC2xefo8g4TbElacI=
|
||||||
github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+vmowP0z+KUhOZdA=
|
github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+vmowP0z+KUhOZdA=
|
||||||
github.com/hashicorp/go-retryablehttp v0.7.2 h1:AcYqCvkpalPnPF2pn0KamgwamS42TqUDDYFRKq/RAd0=
|
github.com/hashicorp/go-retryablehttp v0.7.4 h1:ZQgVdpTdAL7WpMIwLzCfbalOcSUdkDZnpUv3/+BxzFA=
|
||||||
github.com/hashicorp/go-retryablehttp v0.7.2/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
|
github.com/hashicorp/go-retryablehttp v0.7.4/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
|
||||||
|
github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M=
|
||||||
|
github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
|
||||||
github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
|
github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
|
||||||
github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
|
github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4=
|
||||||
github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU=
|
github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY=
|
||||||
github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
|
|
||||||
github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
|
|
||||||
github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
|
github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
|
||||||
github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
|
github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
|
||||||
github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
|
github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
|
||||||
@@ -158,16 +156,15 @@ github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI
|
|||||||
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
|
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
|
||||||
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
|
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
|
||||||
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
|
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
|
||||||
github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
|
github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
|
||||||
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
|
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
|
||||||
|
github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
|
||||||
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||||
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
|
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
|
||||||
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
|
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
|
||||||
github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
|
github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
|
||||||
github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
|
github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
|
||||||
github.com/mailru/easyjson v0.7.6 h1:8yTIVnZgCoiM1TgqoeTl+LfU5Jg6/xL3QhGQnimLYnA=
|
|
||||||
github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
|
|
||||||
github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
|
github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
|
||||||
github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
|
github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
|
||||||
github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE=
|
github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE=
|
||||||
@@ -176,6 +173,8 @@ github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326 h1:ofNAzWCcyTALn2
|
|||||||
github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo=
|
github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo=
|
||||||
github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo=
|
github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo=
|
||||||
github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
|
github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
|
||||||
|
github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg=
|
||||||
|
github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k=
|
||||||
github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
|
github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
|
||||||
github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
|
github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
|
||||||
github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8=
|
github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8=
|
||||||
@@ -187,19 +186,22 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G
|
|||||||
github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
|
github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
|
||||||
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
|
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
|
||||||
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
|
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
|
||||||
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
|
|
||||||
github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
|
github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
|
||||||
github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=
|
github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=
|
||||||
github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
|
github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
|
||||||
github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
|
github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
|
||||||
github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
|
github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
|
||||||
github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU=
|
github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU=
|
||||||
github.com/onsi/ginkgo/v2 v2.11.0 h1:WgqUCUt/lT6yXoQ8Wef0fsNn5cAuMK7+KT9UFRz2tcU=
|
github.com/onsi/ginkgo/v2 v2.13.0 h1:0jY9lJquiL8fcf3M4LAXN5aMlS/b2BV86HFFPCPMgE4=
|
||||||
github.com/onsi/ginkgo/v2 v2.11.0/go.mod h1:ZhrRA5XmEE3x3rhlzamx/JJvujdZoJ2uvgI7kR0iZvM=
|
github.com/onsi/ginkgo/v2 v2.13.0/go.mod h1:TE309ZR8s5FsKKpuB1YAQYBzCaAfUgatB/xlT/ETL/o=
|
||||||
|
github.com/onsi/ginkgo/v2 v2.13.1 h1:LNGfMbR2OVGBfXjvRZIZ2YCTQdGKtPLvuI1rMCCj3OU=
|
||||||
|
github.com/onsi/ginkgo/v2 v2.13.1/go.mod h1:XStQ8QcGwLyF4HdfcZB8SFOS/MWCgDuXMSBe6zrvLgM=
|
||||||
github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
|
github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
|
||||||
github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
|
github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
|
||||||
github.com/onsi/gomega v1.27.8 h1:gegWiwZjBsf2DgiSbf5hpokZ98JVDMcWkUiigk6/KXc=
|
github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI=
|
||||||
github.com/onsi/gomega v1.27.8/go.mod h1:2J8vzI/s+2shY9XHRApDkdgPo1TKT7P2u6fXeJKFnNQ=
|
github.com/onsi/gomega v1.27.10/go.mod h1:RsS8tutOdbdgzbPtzzATp12yT7kM5I5aElG3evPbQ0M=
|
||||||
|
github.com/onsi/gomega v1.29.0 h1:KIA/t2t5UBzoirT4H9tsML45GEbo3ouUnBHsCfD2tVg=
|
||||||
|
github.com/onsi/gomega v1.29.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ=
|
||||||
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||||
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
|
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
|
||||||
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||||
@@ -207,15 +209,16 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb
|
|||||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||||
github.com/pquerna/otp v1.2.0 h1:/A3+Jn+cagqayeR3iHs/L62m5ue7710D35zl1zJ1kok=
|
github.com/pquerna/otp v1.2.0 h1:/A3+Jn+cagqayeR3iHs/L62m5ue7710D35zl1zJ1kok=
|
||||||
github.com/pquerna/otp v1.2.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg=
|
github.com/pquerna/otp v1.2.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg=
|
||||||
github.com/prometheus/client_golang v1.15.0 h1:5fCgGYogn0hFdhyhLbw7hEsWxufKtY9klyvdNfFlFhM=
|
github.com/prometheus/client_golang v1.17.0 h1:rl2sfwZMtSthVU752MqfjQozy7blglC+1SOtjMAMh+Q=
|
||||||
github.com/prometheus/client_golang v1.15.0/go.mod h1:e9yaBhRPU2pPNsZwE+JdQl0KEt1N9XgF6zxWmaC0xOk=
|
github.com/prometheus/client_golang v1.17.0/go.mod h1:VeL+gMmOAxkS2IqfCq0ZmHSL+LjWfWDUmp1mBz9JgUY=
|
||||||
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
|
github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw=
|
||||||
github.com/prometheus/client_model v0.3.0 h1:UBgGFHqYdG/TPFD1B1ogZywDqEkwp3fBMvqdiQ7Xew4=
|
github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI=
|
||||||
github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w=
|
github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY=
|
||||||
github.com/prometheus/common v0.42.0 h1:EKsfXEYo4JpWMHH5cg+KOUWeuJSov1Id8zGR8eeI1YM=
|
github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY=
|
||||||
github.com/prometheus/common v0.42.0/go.mod h1:xBwqVerjNdUDjgODMpudtOMwlOwf2SaTr1yjz4b7Zbc=
|
github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM=
|
||||||
github.com/prometheus/procfs v0.9.0 h1:wzCHvIvM5SxWqYvwgVL7yJY8Lz3PKn49KQtpgMYJfhI=
|
github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY=
|
||||||
github.com/prometheus/procfs v0.9.0/go.mod h1:+pB4zwohETzFnmlpe6yd2lSc+0/46IYZRB/chUwxUZY=
|
github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo=
|
||||||
|
github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
|
||||||
github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
|
github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
|
||||||
github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
|
github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
|
||||||
github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
|
github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
|
||||||
@@ -225,12 +228,12 @@ github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeV
|
|||||||
github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
|
github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
|
||||||
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
|
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
|
||||||
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
|
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
|
||||||
github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8=
|
|
||||||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||||
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||||
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
|
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
|
||||||
github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c=
|
|
||||||
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
|
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
|
||||||
|
github.com/stretchr/objx v0.5.1 h1:4VhoImhV/Bm0ToFkXFi8hXNXwpDRZ/ynw3amt82mzq0=
|
||||||
|
github.com/stretchr/objx v0.5.1/go.mod h1:/iHQpkQwBD6DLUmQ4pE+s1TXdob1mORJ4/UFdrifcy0=
|
||||||
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
|
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
|
||||||
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
|
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
|
||||||
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
|
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
|
||||||
@@ -239,66 +242,85 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
|
|||||||
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||||
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||||
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
|
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
|
||||||
github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=
|
github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
|
||||||
github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
|
github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
|
||||||
|
github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
|
||||||
|
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
|
||||||
github.com/teambition/rrule-go v1.8.2 h1:lIjpjvWTj9fFUZCmuoVDrKVOtdiyzbzc93qTmRVe/J8=
|
github.com/teambition/rrule-go v1.8.2 h1:lIjpjvWTj9fFUZCmuoVDrKVOtdiyzbzc93qTmRVe/J8=
|
||||||
github.com/teambition/rrule-go v1.8.2/go.mod h1:Ieq5AbrKGciP1V//Wq8ktsTXwSwJHDD5mD/wLBGl3p4=
|
github.com/teambition/rrule-go v1.8.2/go.mod h1:Ieq5AbrKGciP1V//Wq8ktsTXwSwJHDD5mD/wLBGl3p4=
|
||||||
github.com/urfave/cli v1.22.2 h1:gsqYFH8bb9ekPA12kRo0hfjngWQjkJPlN9R0N78BoUo=
|
github.com/urfave/cli v1.22.2 h1:gsqYFH8bb9ekPA12kRo0hfjngWQjkJPlN9R0N78BoUo=
|
||||||
github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
|
github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
|
||||||
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||||
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||||
go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw=
|
github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
|
||||||
|
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
|
||||||
go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
|
go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
|
||||||
go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
|
go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ=
|
||||||
go.uber.org/goleak v1.2.0 h1:xqgm/S+aQvhWFTtR0XK3Jvg7z8kGV8P4X14IzwN3Eqk=
|
go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A=
|
||||||
|
go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4=
|
||||||
go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU=
|
go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU=
|
||||||
go.uber.org/multierr v1.10.0 h1:S0h4aNzvfcFsC3dRF1jLoaov7oRaKqRGC/pUEJ2yvPQ=
|
go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
|
||||||
go.uber.org/multierr v1.10.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
|
go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
|
||||||
go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI=
|
|
||||||
go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60=
|
|
||||||
go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg=
|
go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg=
|
||||||
|
go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo=
|
||||||
|
go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so=
|
||||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||||
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||||
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||||
golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
|
||||||
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
||||||
golang.org/x/crypto v0.11.0 h1:6Ewdq3tDic1mg5xRO4milcWCfMVQhI4NkqWWvqejpuA=
|
golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
|
||||||
golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio=
|
golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
|
||||||
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
|
||||||
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
|
golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
|
||||||
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
|
golang.org/x/crypto v0.15.0 h1:frVn1TEaCEaZcn3Tmd7Y2b5KKPaZ+I32Q2OA3kYp5TA=
|
||||||
golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
|
golang.org/x/crypto v0.15.0/go.mod h1:4ChreQoLWfG3xLDer1WdlH5NdlQ3+mwnQq1YTKY+72g=
|
||||||
|
golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI=
|
||||||
|
golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo=
|
||||||
|
golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa h1:FRnLl4eNAQl8hwxVVC17teOw8kdjVDVAiFMtgUdTSRQ=
|
||||||
|
golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE=
|
||||||
golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
|
golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
|
||||||
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||||
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||||
golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk=
|
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||||
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
|
||||||
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
|
||||||
|
golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY=
|
||||||
|
golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
|
||||||
|
golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0=
|
||||||
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
|
||||||
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||||
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||||
golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
|
|
||||||
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||||
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||||
golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
|
golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
|
||||||
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
|
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
|
||||||
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
|
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
|
||||||
|
golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
|
||||||
golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
|
golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
|
||||||
golang.org/x/net v0.12.0 h1:cfawfvKITfUsFCeJIHJrbSxpeu/E81khclypR0GVT50=
|
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
|
||||||
golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA=
|
golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
|
||||||
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
|
||||||
golang.org/x/oauth2 v0.7.0 h1:qe6s0zUXlPX80/dITx3440hWZ7GwMwgDDyrSGTPJG/g=
|
golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
|
||||||
golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4=
|
golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
|
||||||
|
golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
|
||||||
|
golang.org/x/net v0.18.0 h1:mIYleuAkSbHh0tCv7RvjL3F6ZVbLjq4+R7zbOn3Kokg=
|
||||||
|
golang.org/x/net v0.18.0/go.mod h1:/czyP5RqHAH4odGYxBJ1qz0+CE5WZ+2j1YgoEo8F2jQ=
|
||||||
|
golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY=
|
||||||
|
golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0=
|
||||||
|
golang.org/x/oauth2 v0.14.0 h1:P0Vrf/2538nmC0H+pEQ3MNFRRnVR7RlqyVw+bvm26z0=
|
||||||
|
golang.org/x/oauth2 v0.14.0/go.mod h1:lAtNWgaWfL4cm7j2OV8TxGi9Qb7ECORx8DktCY74OwM=
|
||||||
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
|
||||||
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.2.0 h1:PUR+T4wwASmuSTYdKjYHI5TD22Wy5ogLU5qZCOLxBrI=
|
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
|
golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ=
|
||||||
|
golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
|
||||||
|
golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE=
|
||||||
|
golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
|
||||||
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
@@ -308,76 +330,84 @@ golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7w
|
|||||||
golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
|
||||||
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
|
||||||
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
|
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
|
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA=
|
golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
|
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
|
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
|
golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
|
||||||
|
golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
|
golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q=
|
||||||
|
golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||||
golang.org/x/term v0.10.0 h1:3R7pNqamzBraeqj/Tj8qt1aQ2HpmlC+Cx/qL/7hn4/c=
|
golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
|
||||||
golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o=
|
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
|
||||||
|
golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
|
||||||
|
golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek=
|
||||||
|
golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U=
|
||||||
|
golang.org/x/term v0.14.0 h1:LGK9IlZ8T9jvdy6cTdfKUCltatMFOehAQo9SRC46UQ8=
|
||||||
|
golang.org/x/term v0.14.0/go.mod h1:TySc+nGkYR6qt8km8wUhuFRTVSMIX3XPR58y2lC8vww=
|
||||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||||
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
|
|
||||||
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||||
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
||||||
golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4=
|
golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
|
||||||
golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
|
golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
||||||
|
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
||||||
|
golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
|
||||||
|
golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
|
||||||
|
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
|
||||||
|
golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
|
||||||
|
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
|
||||||
golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
|
golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
|
||||||
golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||||
|
golang.org/x/time v0.4.0 h1:Z81tqI5ddIoXDPvVQ7/7CC9TnLM7ubaFG2qXYd5BbYY=
|
||||||
|
golang.org/x/time v0.4.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
|
||||||
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||||
golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
|
||||||
golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
|
|
||||||
golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
||||||
golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
|
|
||||||
golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
|
||||||
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||||
golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
|
golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
|
||||||
golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
|
golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
|
||||||
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
|
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
|
||||||
golang.org/x/tools v0.9.3 h1:Gn1I8+64MsuTb/HpH+LmQtNas23LhUVr3rYZ0eKuaMM=
|
golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
|
||||||
golang.org/x/tools v0.9.3/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc=
|
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
|
||||||
|
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
|
||||||
|
golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc=
|
||||||
|
golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg=
|
||||||
|
golang.org/x/tools v0.15.0 h1:zdAyfUGbYmuVokhzVmghFl2ZJh5QhcfebBgmVPFYA+8=
|
||||||
|
golang.org/x/tools v0.15.0/go.mod h1:hpksKq4dtpQWS1uQ61JkdqWM3LscIS6Slf+VVkm+wQk=
|
||||||
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
gomodules.xyz/jsonpatch/v2 v2.2.0 h1:4pT439QV83L+G9FkcCriY6EkpcK6r6bK+A5FBUMI7qY=
|
gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw=
|
||||||
gomodules.xyz/jsonpatch/v2 v2.2.0/go.mod h1:WXp+iVDkoLQqPudfQ9GBlwB2eZ5DKOnjQZCYdOS8GPY=
|
gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY=
|
||||||
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
|
google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM=
|
||||||
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
|
google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds=
|
||||||
google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c=
|
|
||||||
google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
|
|
||||||
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
|
|
||||||
google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
|
|
||||||
google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
|
|
||||||
google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
|
||||||
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
|
|
||||||
google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
|
|
||||||
google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
|
|
||||||
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
|
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
|
||||||
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
|
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
|
||||||
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
|
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
|
||||||
google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
|
google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
|
||||||
google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
|
google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
|
||||||
google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
|
|
||||||
google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
|
google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
|
||||||
google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
|
|
||||||
google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
|
|
||||||
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
|
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
|
||||||
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
|
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
|
||||||
google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng=
|
google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
|
||||||
google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
|
google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
|
||||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
|
||||||
gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
|
||||||
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
|
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
|
||||||
|
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
|
||||||
gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
|
gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
|
||||||
gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
|
gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
|
||||||
gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
|
gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
|
||||||
@@ -389,33 +419,49 @@ gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
|||||||
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
|
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
|
||||||
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
|
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
|
||||||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
|
||||||
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
|
||||||
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||||
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
k8s.io/api v0.28.2 h1:9mpl5mOb6vXZvqbQmankOfPIGiudghwCoLl1EYfUZbw=
|
||||||
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
k8s.io/api v0.28.2/go.mod h1:RVnJBsjU8tcMq7C3iaRSGMeaKt2TWEUXcpIt/90fjEg=
|
||||||
k8s.io/api v0.26.2 h1:dM3cinp3PGB6asOySalOZxEG4CZ0IAdJsrYZXE/ovGQ=
|
k8s.io/api v0.28.3 h1:Gj1HtbSdB4P08C8rs9AR94MfSGpRhJgsS+GF9V26xMM=
|
||||||
k8s.io/api v0.26.2/go.mod h1:1kjMQsFE+QHPfskEcVNgL3+Hp88B80uj0QtSOlj8itU=
|
k8s.io/api v0.28.3/go.mod h1:MRCV/jr1dW87/qJnZ57U5Pak65LGmQVkKTzf3AtKFHc=
|
||||||
k8s.io/apiextensions-apiserver v0.26.1 h1:cB8h1SRk6e/+i3NOrQgSFij1B2S0Y0wDoNl66bn8RMI=
|
k8s.io/apiextensions-apiserver v0.28.2 h1:J6/QRWIKV2/HwBhHRVITMLYoypCoPY1ftigDM0Kn+QU=
|
||||||
k8s.io/apiextensions-apiserver v0.26.1/go.mod h1:AptjOSXDGuE0JICx/Em15PaoO7buLwTs0dGleIHixSM=
|
k8s.io/apiextensions-apiserver v0.28.2/go.mod h1:5tnkxLGa9nefefYzWuAlWZ7RZYuN/765Au8cWLA6SRg=
|
||||||
k8s.io/apimachinery v0.26.2 h1:da1u3D5wfR5u2RpLhE/ZtZS2P7QvDgLZTi9wrNZl/tQ=
|
k8s.io/apiextensions-apiserver v0.28.3 h1:Od7DEnhXHnHPZG+W9I97/fSQkVpVPQx2diy+2EtmY08=
|
||||||
k8s.io/apimachinery v0.26.2/go.mod h1:ats7nN1LExKHvJ9TmwootT00Yz05MuYqPXEXaVeOy5I=
|
k8s.io/apiextensions-apiserver v0.28.3/go.mod h1:NE1XJZ4On0hS11aWWJUTNkmVB03j9LM7gJSisbRt8Lc=
|
||||||
k8s.io/client-go v0.26.2 h1:s1WkVujHX3kTp4Zn4yGNFK+dlDXy1bAAkIl+cFAiuYI=
|
k8s.io/apimachinery v0.28.2 h1:KCOJLrc6gu+wV1BYgwik4AF4vXOlVJPdiqn0yAWWwXQ=
|
||||||
k8s.io/client-go v0.26.2/go.mod h1:u5EjOuSyBa09yqqyY7m3abZeovO/7D/WehVVlZ2qcqU=
|
k8s.io/apimachinery v0.28.2/go.mod h1:RdzF87y/ngqk9H4z3EL2Rppv5jj95vGS/HaFXrLDApU=
|
||||||
k8s.io/component-base v0.26.1 h1:4ahudpeQXHZL5kko+iDHqLj/FSGAEUnSVO0EBbgDd+4=
|
k8s.io/apimachinery v0.28.3 h1:B1wYx8txOaCQG0HmYF6nbpU8dg6HvA06x5tEffvOe7A=
|
||||||
k8s.io/component-base v0.26.1/go.mod h1:VHrLR0b58oC035w6YQiBSbtsf0ThuSwXP+p5dD/kAWU=
|
k8s.io/apimachinery v0.28.3/go.mod h1:uQTKmIqs+rAYaq+DFaoD2X7pcjLOqbQX2AOiO0nIpb8=
|
||||||
k8s.io/klog/v2 v2.80.1 h1:atnLQ121W371wYYFawwYx1aEY2eUfs4l3J72wtgAwV4=
|
k8s.io/client-go v0.28.2 h1:DNoYI1vGq0slMBN/SWKMZMw0Rq+0EQW6/AK4v9+3VeY=
|
||||||
k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
|
k8s.io/client-go v0.28.2/go.mod h1:sMkApowspLuc7omj1FOSUxSoqjr+d5Q0Yc0LOFnYFJY=
|
||||||
k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 h1:+70TFaan3hfJzs+7VK2o+OGxg8HsuBr/5f6tVAjDu6E=
|
k8s.io/client-go v0.28.3 h1:2OqNb72ZuTZPKCl+4gTKvqao0AMOl9f3o2ijbAj3LI4=
|
||||||
k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280/go.mod h1:+Axhij7bCpeqhklhUTe3xmOn6bWxolyZEeyaFpjGtl4=
|
k8s.io/client-go v0.28.3/go.mod h1:LTykbBp9gsA7SwqirlCXBWtK0guzfhpoW4qSm7i9dxo=
|
||||||
k8s.io/utils v0.0.0-20221128185143-99ec85e7a448 h1:KTgPnR10d5zhztWptI952TNtt/4u5h3IzDXkdIMuo2Y=
|
k8s.io/component-base v0.28.2 h1:Yc1yU+6AQSlpJZyvehm/NkJBII72rzlEsd6MkBQ+G0E=
|
||||||
k8s.io/utils v0.0.0-20221128185143-99ec85e7a448/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
|
k8s.io/component-base v0.28.2/go.mod h1:4IuQPQviQCg3du4si8GpMrhAIegxpsgPngPRR/zWpzc=
|
||||||
sigs.k8s.io/controller-runtime v0.14.4 h1:Kd/Qgx5pd2XUL08eOV2vwIq3L9GhIbJ5Nxengbd4/0M=
|
k8s.io/component-base v0.28.3 h1:rDy68eHKxq/80RiMb2Ld/tbH8uAE75JdCqJyi6lXMzI=
|
||||||
sigs.k8s.io/controller-runtime v0.14.4/go.mod h1:WqIdsAY6JBsjfc/CqO0CORmNtoCtE4S6qbPc9s68h+0=
|
k8s.io/component-base v0.28.3/go.mod h1:fDJ6vpVNSk6cRo5wmDa6eKIG7UlIQkaFmZN2fYgIUD8=
|
||||||
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k=
|
k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg=
|
||||||
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
|
k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
|
||||||
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE=
|
k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0=
|
||||||
sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E=
|
k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo=
|
||||||
|
k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780=
|
||||||
|
k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA=
|
||||||
|
k8s.io/kube-openapi v0.0.0-20231113174909-778a5567bc1e h1:snPmy96t93RredGRjKfMFt+gvxuVAncqSAyBveJtr4Q=
|
||||||
|
k8s.io/kube-openapi v0.0.0-20231113174909-778a5567bc1e/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA=
|
||||||
|
k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI=
|
||||||
|
k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
|
||||||
|
sigs.k8s.io/controller-runtime v0.16.2 h1:mwXAVuEk3EQf478PQwQ48zGOXvW27UJc8NHktQVuIPU=
|
||||||
|
sigs.k8s.io/controller-runtime v0.16.2/go.mod h1:vpMu3LpI5sYWtujJOa2uPK61nB5rbwlN7BAB8aSLvGU=
|
||||||
|
sigs.k8s.io/controller-runtime v0.16.3 h1:2TuvuokmfXvDUamSx1SuAOO3eTyye+47mJCigwG62c4=
|
||||||
|
sigs.k8s.io/controller-runtime v0.16.3/go.mod h1:j7bialYoSn142nv9sCOJmQgDXQXxnroFU4VnX/brVJ0=
|
||||||
|
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo=
|
||||||
|
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
|
||||||
|
sigs.k8s.io/structured-merge-diff/v4 v4.3.0 h1:UZbZAZfX0wV2zr7YZorDz6GXROfDFj6LvqCRm4VUVKk=
|
||||||
|
sigs.k8s.io/structured-merge-diff/v4 v4.3.0/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08=
|
||||||
|
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4=
|
||||||
|
sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08=
|
||||||
sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo=
|
sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo=
|
||||||
sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8=
|
sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8=
|
||||||
|
sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E=
|
||||||
|
sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY=
|
||||||
|
|||||||
59
main.go
59
main.go
@@ -40,6 +40,8 @@ import (
|
|||||||
ctrl "sigs.k8s.io/controller-runtime"
|
ctrl "sigs.k8s.io/controller-runtime"
|
||||||
"sigs.k8s.io/controller-runtime/pkg/cache"
|
"sigs.k8s.io/controller-runtime/pkg/cache"
|
||||||
"sigs.k8s.io/controller-runtime/pkg/client"
|
"sigs.k8s.io/controller-runtime/pkg/client"
|
||||||
|
metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
|
||||||
|
"sigs.k8s.io/controller-runtime/pkg/webhook"
|
||||||
// +kubebuilder:scaffold:imports
|
// +kubebuilder:scaffold:imports
|
||||||
)
|
)
|
||||||
|
|
||||||
@@ -163,7 +165,12 @@ func main() {
|
|||||||
ctrl.SetLogger(log)
|
ctrl.SetLogger(log)
|
||||||
|
|
||||||
managerNamespace := ""
|
managerNamespace := ""
|
||||||
var newCache cache.NewCacheFunc
|
var defaultNamespaces map[string]cache.Config
|
||||||
|
if namespace != "" {
|
||||||
|
defaultNamespaces = map[string]cache.Config{
|
||||||
|
namespace: {},
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if autoScalingRunnerSetOnly {
|
if autoScalingRunnerSetOnly {
|
||||||
managerNamespace = os.Getenv("CONTROLLER_MANAGER_POD_NAMESPACE")
|
managerNamespace = os.Getenv("CONTROLLER_MANAGER_POD_NAMESPACE")
|
||||||
@@ -173,7 +180,12 @@ func main() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if len(watchSingleNamespace) > 0 {
|
if len(watchSingleNamespace) > 0 {
|
||||||
newCache = cache.MultiNamespacedCacheBuilder([]string{managerNamespace, watchSingleNamespace})
|
if defaultNamespaces == nil {
|
||||||
|
defaultNamespaces = make(map[string]cache.Config)
|
||||||
|
}
|
||||||
|
|
||||||
|
defaultNamespaces[watchSingleNamespace] = cache.Config{}
|
||||||
|
defaultNamespaces[managerNamespace] = cache.Config{}
|
||||||
}
|
}
|
||||||
|
|
||||||
switch updateStrategy {
|
switch updateStrategy {
|
||||||
@@ -185,31 +197,38 @@ func main() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
listenerPullPolicy := os.Getenv("CONTROLLER_MANAGER_LISTENER_IMAGE_PULL_POLICY")
|
|
||||||
if actionsgithubcom.SetListenerImagePullPolicy(listenerPullPolicy) {
|
|
||||||
log.Info("AutoscalingListener image pull policy changed", "ImagePullPolicy", listenerPullPolicy)
|
|
||||||
} else {
|
|
||||||
log.Info("Using default AutoscalingListener image pull policy", "ImagePullPolicy", actionsgithubcom.DefaultScaleSetListenerImagePullPolicy)
|
|
||||||
}
|
|
||||||
|
|
||||||
if actionsgithubcom.SetListenerLoggingParameters(logLevel, logFormat) {
|
if actionsgithubcom.SetListenerLoggingParameters(logLevel, logFormat) {
|
||||||
log.Info("AutoscalingListener logging parameters changed", "LogLevel", logLevel, "LogFormat", logFormat)
|
log.Info("AutoscalingListener logging parameters changed", "LogLevel", logLevel, "LogFormat", logFormat)
|
||||||
} else {
|
} else {
|
||||||
log.Info("Using default AutoscalingListener logging parameters", "LogLevel", actionsgithubcom.DefaultScaleSetListenerLogLevel, "LogFormat", actionsgithubcom.DefaultScaleSetListenerLogFormat)
|
log.Info("Using default AutoscalingListener logging parameters", "LogLevel", actionsgithubcom.DefaultScaleSetListenerLogLevel, "LogFormat", actionsgithubcom.DefaultScaleSetListenerLogFormat)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var webhookServer webhook.Server
|
||||||
|
if port != 0 {
|
||||||
|
webhookServer = webhook.NewServer(webhook.Options{
|
||||||
|
Port: port,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
|
mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
|
||||||
Scheme: scheme,
|
Scheme: scheme,
|
||||||
NewCache: newCache,
|
Metrics: metricsserver.Options{
|
||||||
MetricsBindAddress: metricsAddr,
|
BindAddress: metricsAddr,
|
||||||
LeaderElection: enableLeaderElection,
|
},
|
||||||
LeaderElectionID: leaderElectionId,
|
Cache: cache.Options{
|
||||||
Port: port,
|
SyncPeriod: &syncPeriod,
|
||||||
SyncPeriod: &syncPeriod,
|
DefaultNamespaces: defaultNamespaces,
|
||||||
Namespace: namespace,
|
},
|
||||||
ClientDisableCacheFor: []client.Object{
|
WebhookServer: webhookServer,
|
||||||
&corev1.Secret{},
|
LeaderElection: enableLeaderElection,
|
||||||
&corev1.ConfigMap{},
|
LeaderElectionID: leaderElectionId,
|
||||||
|
Client: client.Options{
|
||||||
|
Cache: &client.CacheOptions{
|
||||||
|
DisableFor: []client.Object{
|
||||||
|
&corev1.Secret{},
|
||||||
|
&corev1.ConfigMap{},
|
||||||
|
},
|
||||||
|
},
|
||||||
},
|
},
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|||||||
@@ -8,6 +8,7 @@ import (
|
|||||||
"k8s.io/apimachinery/pkg/runtime"
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
ctrl "sigs.k8s.io/controller-runtime"
|
ctrl "sigs.k8s.io/controller-runtime"
|
||||||
"sigs.k8s.io/controller-runtime/pkg/manager"
|
"sigs.k8s.io/controller-runtime/pkg/manager"
|
||||||
|
"sigs.k8s.io/controller-runtime/pkg/webhook"
|
||||||
)
|
)
|
||||||
|
|
||||||
type Config struct {
|
type Config struct {
|
||||||
@@ -28,7 +29,9 @@ func New(checkpointerConfig *Config) (*ConfigMapCheckpointer, manager.Manager, e
|
|||||||
mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
|
mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
|
||||||
Scheme: checkpointerConfig.Scheme,
|
Scheme: checkpointerConfig.Scheme,
|
||||||
LeaderElectionID: "hookdeliveryforwarder",
|
LeaderElectionID: "hookdeliveryforwarder",
|
||||||
Port: 9443,
|
WebhookServer: webhook.NewServer(webhook.Options{
|
||||||
|
Port: 9443,
|
||||||
|
}),
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, fmt.Errorf("unable to start manager: %v", err)
|
return nil, nil, fmt.Errorf("unable to start manager: %v", err)
|
||||||
|
|||||||
@@ -6,9 +6,9 @@ DIND_ROOTLESS_RUNNER_NAME ?= ${DOCKER_USER}/actions-runner-dind-rootless
|
|||||||
OS_IMAGE ?= ubuntu-22.04
|
OS_IMAGE ?= ubuntu-22.04
|
||||||
TARGETPLATFORM ?= $(shell arch)
|
TARGETPLATFORM ?= $(shell arch)
|
||||||
|
|
||||||
RUNNER_VERSION ?= 2.309.0
|
RUNNER_VERSION ?= 2.311.0
|
||||||
RUNNER_CONTAINER_HOOKS_VERSION ?= 0.3.2
|
RUNNER_CONTAINER_HOOKS_VERSION ?= 0.5.0
|
||||||
DOCKER_VERSION ?= 20.10.23
|
DOCKER_VERSION ?= 24.0.7
|
||||||
|
|
||||||
# default list of platforms for which multiarch image is built
|
# default list of platforms for which multiarch image is built
|
||||||
ifeq (${PLATFORMS}, )
|
ifeq (${PLATFORMS}, )
|
||||||
|
|||||||
@@ -1,2 +1,2 @@
|
|||||||
RUNNER_VERSION=2.309.0
|
RUNNER_VERSION=2.311.0
|
||||||
RUNNER_CONTAINER_HOOKS_VERSION=0.3.2
|
RUNNER_CONTAINER_HOOKS_VERSION=0.5.0
|
||||||
@@ -5,7 +5,7 @@ ARG RUNNER_VERSION
|
|||||||
ARG RUNNER_CONTAINER_HOOKS_VERSION
|
ARG RUNNER_CONTAINER_HOOKS_VERSION
|
||||||
# Docker and Docker Compose arguments
|
# Docker and Docker Compose arguments
|
||||||
ENV CHANNEL=stable
|
ENV CHANNEL=stable
|
||||||
ARG DOCKER_COMPOSE_VERSION=v2.20.0
|
ARG DOCKER_COMPOSE_VERSION=v2.23.0
|
||||||
ARG DUMB_INIT_VERSION=1.2.5
|
ARG DUMB_INIT_VERSION=1.2.5
|
||||||
|
|
||||||
# Other arguments
|
# Other arguments
|
||||||
|
|||||||
@@ -5,7 +5,7 @@ ARG RUNNER_VERSION
|
|||||||
ARG RUNNER_CONTAINER_HOOKS_VERSION
|
ARG RUNNER_CONTAINER_HOOKS_VERSION
|
||||||
# Docker and Docker Compose arguments
|
# Docker and Docker Compose arguments
|
||||||
ENV CHANNEL=stable
|
ENV CHANNEL=stable
|
||||||
ARG DOCKER_COMPOSE_VERSION=v2.20.0
|
ARG DOCKER_COMPOSE_VERSION=v2.23.0
|
||||||
ARG DUMB_INIT_VERSION=1.2.5
|
ARG DUMB_INIT_VERSION=1.2.5
|
||||||
ARG RUNNER_USER_UID=1001
|
ARG RUNNER_USER_UID=1001
|
||||||
|
|
||||||
@@ -30,6 +30,7 @@ RUN apt-get update -y \
|
|||||||
uidmap \
|
uidmap \
|
||||||
unzip \
|
unzip \
|
||||||
zip \
|
zip \
|
||||||
|
fuse-overlayfs \
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
&& rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
# Download latest git-lfs version
|
# Download latest git-lfs version
|
||||||
|
|||||||
@@ -5,8 +5,8 @@ ARG RUNNER_VERSION
|
|||||||
ARG RUNNER_CONTAINER_HOOKS_VERSION
|
ARG RUNNER_CONTAINER_HOOKS_VERSION
|
||||||
# Docker and Docker Compose arguments
|
# Docker and Docker Compose arguments
|
||||||
ARG CHANNEL=stable
|
ARG CHANNEL=stable
|
||||||
ARG DOCKER_VERSION=20.10.23
|
ARG DOCKER_VERSION=24.0.7
|
||||||
ARG DOCKER_COMPOSE_VERSION=v2.20.0
|
ARG DOCKER_COMPOSE_VERSION=v2.23.0
|
||||||
ARG DUMB_INIT_VERSION=1.2.5
|
ARG DUMB_INIT_VERSION=1.2.5
|
||||||
|
|
||||||
# Use 1001 and 121 for compatibility with GitHub-hosted runners
|
# Use 1001 and 121 for compatibility with GitHub-hosted runners
|
||||||
|
|||||||
@@ -5,8 +5,8 @@ ARG RUNNER_VERSION
|
|||||||
ARG RUNNER_CONTAINER_HOOKS_VERSION
|
ARG RUNNER_CONTAINER_HOOKS_VERSION
|
||||||
# Docker and Docker Compose arguments
|
# Docker and Docker Compose arguments
|
||||||
ARG CHANNEL=stable
|
ARG CHANNEL=stable
|
||||||
ARG DOCKER_VERSION=20.10.23
|
ARG DOCKER_VERSION=24.0.7
|
||||||
ARG DOCKER_COMPOSE_VERSION=v2.20.0
|
ARG DOCKER_COMPOSE_VERSION=v2.23.0
|
||||||
ARG DUMB_INIT_VERSION=1.2.5
|
ARG DUMB_INIT_VERSION=1.2.5
|
||||||
ARG RUNNER_USER_UID=1001
|
ARG RUNNER_USER_UID=1001
|
||||||
ARG DOCKER_GROUP_GID=121
|
ARG DOCKER_GROUP_GID=121
|
||||||
|
|||||||
@@ -5,8 +5,8 @@ ARG RUNNER_VERSION
|
|||||||
ARG RUNNER_CONTAINER_HOOKS_VERSION
|
ARG RUNNER_CONTAINER_HOOKS_VERSION
|
||||||
# Docker and Docker Compose arguments
|
# Docker and Docker Compose arguments
|
||||||
ARG CHANNEL=stable
|
ARG CHANNEL=stable
|
||||||
ARG DOCKER_VERSION=20.10.23
|
ARG DOCKER_VERSION=24.0.7
|
||||||
ARG DOCKER_COMPOSE_VERSION=v2.20.0
|
ARG DOCKER_COMPOSE_VERSION=v2.23.0
|
||||||
ARG DUMB_INIT_VERSION=1.2.5
|
ARG DUMB_INIT_VERSION=1.2.5
|
||||||
|
|
||||||
# Use 1001 and 121 for compatibility with GitHub-hosted runners
|
# Use 1001 and 121 for compatibility with GitHub-hosted runners
|
||||||
|
|||||||
@@ -5,8 +5,8 @@ ARG RUNNER_VERSION
|
|||||||
ARG RUNNER_CONTAINER_HOOKS_VERSION
|
ARG RUNNER_CONTAINER_HOOKS_VERSION
|
||||||
# Docker and Docker Compose arguments
|
# Docker and Docker Compose arguments
|
||||||
ARG CHANNEL=stable
|
ARG CHANNEL=stable
|
||||||
ARG DOCKER_VERSION=20.10.23
|
ARG DOCKER_VERSION=24.0.7
|
||||||
ARG DOCKER_COMPOSE_VERSION=v2.20.0
|
ARG DOCKER_COMPOSE_VERSION=v2.23.0
|
||||||
ARG DUMB_INIT_VERSION=1.2.5
|
ARG DUMB_INIT_VERSION=1.2.5
|
||||||
ARG RUNNER_USER_UID=1001
|
ARG RUNNER_USER_UID=1001
|
||||||
ARG DOCKER_GROUP_GID=121
|
ARG DOCKER_GROUP_GID=121
|
||||||
|
|||||||
@@ -36,7 +36,8 @@ var (
|
|||||||
|
|
||||||
testResultCMNamePrefix = "test-result-"
|
testResultCMNamePrefix = "test-result-"
|
||||||
|
|
||||||
RunnerVersion = "2.309.0"
|
RunnerVersion = "2.311.0"
|
||||||
|
RunnerContainerHooksVersion = "0.5.0"
|
||||||
)
|
)
|
||||||
|
|
||||||
// If you're willing to run this test via VS Code "run test" or "debug test",
|
// If you're willing to run this test via VS Code "run test" or "debug test",
|
||||||
@@ -458,7 +459,7 @@ func buildVars(repo, ubuntuVer string) vars {
|
|||||||
runnerRootlessDindImage = testing.Img(runnerRootlessDindImageRepo, runnerImageTag)
|
runnerRootlessDindImage = testing.Img(runnerRootlessDindImageRepo, runnerImageTag)
|
||||||
|
|
||||||
dindSidecarImageRepo = "docker"
|
dindSidecarImageRepo = "docker"
|
||||||
dindSidecarImageTag = "20.10.23-dind"
|
dindSidecarImageTag = "24.0.7-dind"
|
||||||
dindSidecarImage = testing.Img(dindSidecarImageRepo, dindSidecarImageTag)
|
dindSidecarImage = testing.Img(dindSidecarImageRepo, dindSidecarImageTag)
|
||||||
)
|
)
|
||||||
|
|
||||||
@@ -496,6 +497,10 @@ func buildVars(repo, ubuntuVer string) vars {
|
|||||||
Name: "RUNNER_VERSION",
|
Name: "RUNNER_VERSION",
|
||||||
Value: RunnerVersion,
|
Value: RunnerVersion,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
Name: "RUNNER_CONTAINER_HOOKS_VERSION",
|
||||||
|
Value: RunnerContainerHooksVersion,
|
||||||
|
},
|
||||||
},
|
},
|
||||||
Image: runnerImage,
|
Image: runnerImage,
|
||||||
EnableBuildX: true,
|
EnableBuildX: true,
|
||||||
@@ -507,6 +512,10 @@ func buildVars(repo, ubuntuVer string) vars {
|
|||||||
Name: "RUNNER_VERSION",
|
Name: "RUNNER_VERSION",
|
||||||
Value: RunnerVersion,
|
Value: RunnerVersion,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
Name: "RUNNER_CONTAINER_HOOKS_VERSION",
|
||||||
|
Value: RunnerContainerHooksVersion,
|
||||||
|
},
|
||||||
},
|
},
|
||||||
Image: runnerDindImage,
|
Image: runnerDindImage,
|
||||||
EnableBuildX: true,
|
EnableBuildX: true,
|
||||||
@@ -518,6 +527,10 @@ func buildVars(repo, ubuntuVer string) vars {
|
|||||||
Name: "RUNNER_VERSION",
|
Name: "RUNNER_VERSION",
|
||||||
Value: RunnerVersion,
|
Value: RunnerVersion,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
Name: "RUNNER_CONTAINER_HOOKS_VERSION",
|
||||||
|
Value: RunnerContainerHooksVersion,
|
||||||
|
},
|
||||||
},
|
},
|
||||||
Image: runnerRootlessDindImage,
|
Image: runnerRootlessDindImage,
|
||||||
EnableBuildX: true,
|
EnableBuildX: true,
|
||||||
@@ -1097,7 +1110,7 @@ func installActionsWorkflow(t *testing.T, testName, runnerLabel, testResultCMNam
|
|||||||
testing.Step{
|
testing.Step{
|
||||||
Uses: "actions/setup-go@v3",
|
Uses: "actions/setup-go@v3",
|
||||||
With: &testing.With{
|
With: &testing.With{
|
||||||
GoVersion: "1.18.2",
|
GoVersion: "1.21.3",
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
@@ -1227,7 +1240,7 @@ func installActionsWorkflow(t *testing.T, testName, runnerLabel, testResultCMNam
|
|||||||
testing.Step{
|
testing.Step{
|
||||||
Uses: "azure/setup-kubectl@v1",
|
Uses: "azure/setup-kubectl@v1",
|
||||||
With: &testing.With{
|
With: &testing.With{
|
||||||
Version: "v1.20.2",
|
Version: "v1.21.3",
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
testing.Step{
|
testing.Step{
|
||||||
|
|||||||
@@ -21,6 +21,9 @@ var images = map[string]string{
|
|||||||
"1.22": "kindest/node:v1.22.9@sha256:8135260b959dfe320206eb36b3aeda9cffcb262f4b44cda6b33f7bb73f453105",
|
"1.22": "kindest/node:v1.22.9@sha256:8135260b959dfe320206eb36b3aeda9cffcb262f4b44cda6b33f7bb73f453105",
|
||||||
"1.23": "kindest/node:v1.23.6@sha256:b1fa224cc6c7ff32455e0b1fd9cbfd3d3bc87ecaa8fcb06961ed1afb3db0f9ae",
|
"1.23": "kindest/node:v1.23.6@sha256:b1fa224cc6c7ff32455e0b1fd9cbfd3d3bc87ecaa8fcb06961ed1afb3db0f9ae",
|
||||||
"1.24": "kindest/node:v1.24.0@sha256:0866296e693efe1fed79d5e6c7af8df71fc73ae45e3679af05342239cdc5bc8e",
|
"1.24": "kindest/node:v1.24.0@sha256:0866296e693efe1fed79d5e6c7af8df71fc73ae45e3679af05342239cdc5bc8e",
|
||||||
|
"1.25": "kindest/node:v1.25.11@sha256:227fa11ce74ea76a0474eeefb84cb75d8dad1b08638371ecf0e86259b35be0c8",
|
||||||
|
"1.26": "kindest/node:v1.26.6@sha256:6e2d8b28a5b601defe327b98bd1c2d1930b49e5d8c512e1895099e4504007adb",
|
||||||
|
"1.27": "kindest/node:v1.27.3@sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72",
|
||||||
}
|
}
|
||||||
|
|
||||||
func Img(repo, tag string) ContainerImage {
|
func Img(repo, tag string) ContainerImage {
|
||||||
@@ -335,7 +338,10 @@ func (k *Kind) Start(ctx context.Context, k8sMinorVer string) error {
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
image := images[k8sMinorVer]
|
image, ok := images[k8sMinorVer]
|
||||||
|
if !ok {
|
||||||
|
return fmt.Errorf("no kind image found for k8s minor version %q", k8sMinorVer)
|
||||||
|
}
|
||||||
|
|
||||||
kindConfig := []byte(fmt.Sprintf(`kind: Cluster
|
kindConfig := []byte(fmt.Sprintf(`kind: Cluster
|
||||||
apiVersion: kind.x-k8s.io/v1alpha4
|
apiVersion: kind.x-k8s.io/v1alpha4
|
||||||
|
|||||||
Reference in New Issue
Block a user