-
Notifications
You must be signed in to change notification settings - Fork 3
/
appprojects.argoproj.io-crd.yaml.tf
329 lines (328 loc) · 14.2 KB
/
appprojects.argoproj.io-crd.yaml.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
resource "kubernetes_manifest" "customresourcedefinition_appprojects_argoproj_io" {
provider = kubernetes-alpha
manifest = {
"apiVersion" = "apiextensions.k8s.io/v1beta1"
"kind" = "CustomResourceDefinition"
"metadata" = {
"labels" = {
"app.kubernetes.io/name" = "appprojects.argoproj.io"
"app.kubernetes.io/part-of" = "argocd"
}
"name" = "appprojects.argoproj.io"
}
"spec" = {
"group" = "argoproj.io"
"names" = {
"kind" = "AppProject"
"listKind" = "AppProjectList"
"plural" = "appprojects"
"shortNames" = [
"appproj",
"appprojs",
]
"singular" = "appproject"
}
"scope" = "Namespaced"
"validation" = {
"openAPIV3Schema" = {
"description" = "AppProject provides a logical grouping of applications, providing controls for: * where the apps may deploy to (cluster whitelist) * what may be deployed (repository whitelist, resource whitelist/blacklist) * who can access these applications (roles, OIDC group claims bindings) * and what they can do (RBAC policies) * automation access to these roles (JWT tokens)"
"properties" = {
"apiVersion" = {
"description" = "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
"type" = "string"
}
"kind" = {
"description" = "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
"type" = "string"
}
"metadata" = {
"type" = "object"
}
"spec" = {
"description" = "AppProjectSpec is the specification of an AppProject"
"properties" = {
"clusterResourceBlacklist" = {
"description" = "ClusterResourceBlacklist contains list of blacklisted cluster level resources"
"items" = {
"description" = "GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types"
"properties" = {
"group" = {
"type" = "string"
}
"kind" = {
"type" = "string"
}
}
"required" = [
"group",
"kind",
]
"type" = "object"
}
"type" = "array"
}
"clusterResourceWhitelist" = {
"description" = "ClusterResourceWhitelist contains list of whitelisted cluster level resources"
"items" = {
"description" = "GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types"
"properties" = {
"group" = {
"type" = "string"
}
"kind" = {
"type" = "string"
}
}
"required" = [
"group",
"kind",
]
"type" = "object"
}
"type" = "array"
}
"description" = {
"description" = "Description contains optional project description"
"type" = "string"
}
"destinations" = {
"description" = "Destinations contains list of destinations available for deployment"
"items" = {
"description" = "ApplicationDestination contains deployment destination information"
"properties" = {
"name" = {
"description" = "Name of the destination cluster which can be used instead of server (url) field"
"type" = "string"
}
"namespace" = {
"description" = "Namespace overrides the environment namespace value in the ksonnet app.yaml"
"type" = "string"
}
"server" = {
"description" = "Server overrides the environment server value in the ksonnet app.yaml"
"type" = "string"
}
}
"type" = "object"
}
"type" = "array"
}
"namespaceResourceBlacklist" = {
"description" = "NamespaceResourceBlacklist contains list of blacklisted namespace level resources"
"items" = {
"description" = "GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types"
"properties" = {
"group" = {
"type" = "string"
}
"kind" = {
"type" = "string"
}
}
"required" = [
"group",
"kind",
]
"type" = "object"
}
"type" = "array"
}
"namespaceResourceWhitelist" = {
"description" = "NamespaceResourceWhitelist contains list of whitelisted namespace level resources"
"items" = {
"description" = "GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types"
"properties" = {
"group" = {
"type" = "string"
}
"kind" = {
"type" = "string"
}
}
"required" = [
"group",
"kind",
]
"type" = "object"
}
"type" = "array"
}
"orphanedResources" = {
"description" = "OrphanedResources specifies if controller should monitor orphaned resources of apps in this project"
"properties" = {
"ignore" = {
"items" = {
"properties" = {
"group" = {
"type" = "string"
}
"kind" = {
"type" = "string"
}
"name" = {
"type" = "string"
}
}
"type" = "object"
}
"type" = "array"
}
"warn" = {
"description" = "Warn indicates if warning condition should be created for apps which have orphaned resources"
"type" = "boolean"
}
}
"type" = "object"
}
"roles" = {
"description" = "Roles are user defined RBAC roles associated with this project"
"items" = {
"description" = "ProjectRole represents a role that has access to a project"
"properties" = {
"description" = {
"description" = "Description is a description of the role"
"type" = "string"
}
"groups" = {
"description" = "Groups are a list of OIDC group claims bound to this role"
"items" = {
"type" = "string"
}
"type" = "array"
}
"jwtTokens" = {
"description" = "JWTTokens are a list of generated JWT tokens bound to this role"
"items" = {
"description" = "JWTToken holds the issuedAt and expiresAt values of a token"
"properties" = {
"exp" = {
"format" = "int64"
"type" = "integer"
}
"iat" = {
"format" = "int64"
"type" = "integer"
}
"id" = {
"type" = "string"
}
}
"required" = [
"iat",
]
"type" = "object"
}
"type" = "array"
}
"name" = {
"description" = "Name is a name for this role"
"type" = "string"
}
"policies" = {
"description" = "Policies Stores a list of casbin formated strings that define access policies for the role in the project"
"items" = {
"type" = "string"
}
"type" = "array"
}
}
"required" = [
"name",
]
"type" = "object"
}
"type" = "array"
}
"signatureKeys" = {
"description" = "List of PGP key IDs that commits to be synced to must be signed with"
"items" = {
"description" = "SignatureKey is the specification of a key required to verify commit signatures with"
"properties" = {
"keyID" = {
"description" = "The ID of the key in hexadecimal notation"
"type" = "string"
}
}
"required" = [
"keyID",
]
"type" = "object"
}
"type" = "array"
}
"sourceRepos" = {
"description" = "SourceRepos contains list of repository URLs which can be used for deployment"
"items" = {
"type" = "string"
}
"type" = "array"
}
"syncWindows" = {
"description" = "SyncWindows controls when syncs can be run for apps in this project"
"items" = {
"description" = "SyncWindow contains the kind, time, duration and attributes that are used to assign the syncWindows to apps"
"properties" = {
"applications" = {
"description" = "Applications contains a list of applications that the window will apply to"
"items" = {
"type" = "string"
}
"type" = "array"
}
"clusters" = {
"description" = "Clusters contains a list of clusters that the window will apply to"
"items" = {
"type" = "string"
}
"type" = "array"
}
"duration" = {
"description" = "Duration is the amount of time the sync window will be open"
"type" = "string"
}
"kind" = {
"description" = "Kind defines if the window allows or blocks syncs"
"type" = "string"
}
"manualSync" = {
"description" = "ManualSync enables manual syncs when they would otherwise be blocked"
"type" = "boolean"
}
"namespaces" = {
"description" = "Namespaces contains a list of namespaces that the window will apply to"
"items" = {
"type" = "string"
}
"type" = "array"
}
"schedule" = {
"description" = "Schedule is the time the window will begin, specified in cron format"
"type" = "string"
}
}
"type" = "object"
}
"type" = "array"
}
}
"type" = "object"
}
}
"required" = [
"metadata",
"spec",
]
"type" = "object"
}
}
"version" = "v1alpha1"
"versions" = [
{
"name" = "v1alpha1"
"served" = true
"storage" = true
},
]
}
}
}