diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 6fddca0d..63d40a6d 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -5,3 +5,21 @@ updates: directory: "/" schedule: interval: "weekly" + + # Maintain Go dependencies + - package-ecosystem: "gomod" + directory: "/" + schedule: + interval: "weekly" + + # Maintain npm dependencies in docs folder + - package-ecosystem: "npm" + directory: "/docs" + schedule: + interval: "weekly" + + # Maintain Docker dependencies + - package-ecosystem: "docker" + directory: "/" + schedule: + interval: "weekly" diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index c6504f09..7619eee3 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -6,26 +6,26 @@ on: - main env: - GO_VERSION: ^1.20 - HELM_VERSION: v3.11.2 - PYTHON_VERSION: 3.7 # required for helm tester + GO_VERSION: '1.24' + HELM_VERSION: v3.18.0 + PYTHON_VERSION: '3.12' # required for helm tester jobs: run-tests: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup Go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: go-version: ${{ env.GO_VERSION }} - name: Run golangci-lint - uses: golangci/golangci-lint-action@v3 + uses: golangci/golangci-lint-action@v4 with: - args: --timeout=3m --enable exportloopref + args: --timeout=3m --enable copyloopvar --out-format colored-line-number skip-pkg-cache: true skip-build-cache: true @@ -37,15 +37,15 @@ jobs: needs: run-tests steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Build operator image - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: - tags: ibmcom/operator-for-redis:local + tags: cinple/operator-for-redis-cluster-operator:local file: Dockerfile.operator build-cluster-node: @@ -53,15 +53,15 @@ jobs: needs: run-tests steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Build redis node image - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: - tags: ibmcom/node-for-redis:local + tags: cinple/operator-for-redis-cluster-node:local file: Dockerfile.node build-metrics: @@ -69,15 +69,15 @@ jobs: needs: run-tests steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Build redis metrics image - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: - tags: ibmcom/metrics-for-redis:local + tags: cinple/operator-for-redis-cluster-metrics:local file: Dockerfile.metrics validate-helm-charts: @@ -85,22 +85,22 @@ jobs: needs: run-tests steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 # ct needs history to compare - name: Setup Helm - uses: azure/setup-helm@v3.5 + uses: azure/setup-helm@v4 with: version: ${{ env.HELM_VERSION }} - name: Setup Python - uses: actions/setup-python@v4.7.0 + uses: actions/setup-python@v5 with: python-version: ${{ env.PYTHON_VERSION }} - name: Setup chart-testing - uses: helm/chart-testing-action@v2.4.0 + uses: helm/chart-testing-action@v2.6.0 - name: Run chart-testing (list-changed) id: list-changed @@ -116,11 +116,11 @@ jobs: check-docs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 with: - node-version: 16.17.1 # This is recommended LTS version which includes npm 6.14.10 + node-version: 22.x # Latest LTS - name: Build docs website run: | npm -v @@ -135,35 +135,40 @@ jobs: strategy: fail-fast: false matrix: - kubernetes-version: [ "1.26" ] #, "1.25", "1.24", "1.23"] + kubernetes-version: [ "1.33" ] #, "1.32", "1.31" ] include: - - kubernetes-version: "1.26" - kind-node: kindest/node:v1.26.6@sha256:6e2d8b28a5b601defe327b98bd1c2d1930b49e5d8c512e1895099e4504007adb - # - kubernetes-version: "1.25" - # kind-node: kindest/node:v1.25.11@sha256:227fa11ce74ea76a0474eeefb84cb75d8dad1b08638371ecf0e86259b35be0c8 - # - kubernetes-version: "1.24" - # kind-node: kindest/node:v1.24.15@sha256:7db4f8bea3e14b82d12e044e25e34bd53754b7f2b0e9d56df21774e6f66a70ab - # - kubernetes-version: "1.23" - # kind-node: kindest/node:v1.23.17@sha256:59c989ff8a517a93127d4a536e7014d28e235fb3529d9fba91b3951d461edfdb + - kubernetes-version: "1.33" + kind-node: kindest/node:v1.33.1@sha256:050072256b9a903bd914c0b2866828150cb229cea0efe5892e2b644d5dd3b34f + # - kubernetes-version: "1.32" + # kind-node: kindest/node:v1.32.5@sha256:e3b2327e3a5ab8c76f5ece68936e4cafaa82edf58486b769727ab0b3b97a5b0d + # - kubernetes-version: "1.31" + # kind-node: kindest/node:v1.31.9@sha256:b94a3a6c06198d17f59cca8c6f486236fa05e2fb359cbd75dabbfc348a10b211 + + steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup Go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: go-version: ${{ env.GO_VERSION }} + - name: Setup Helm + uses: azure/setup-helm@v4 + with: + version: ${{ env.HELM_VERSION }} + - name: Build images run: | - docker build -f Dockerfile.operator -t ibmcom/operator-for-redis:local . - docker build -f Dockerfile.node -t ibmcom/node-for-redis:local -t ibmcom/node-for-redis:new . - docker build -f Dockerfile.metrics -t ibmcom/metrics-for-redis:local . + docker build -f Dockerfile.operator -t cinple/operator-for-redis-cluster-operator:local . + docker build -f Dockerfile.node -t cinple/operator-for-redis-cluster-node:local -t cinple/operator-for-redis-cluster-node:new . + docker build -f Dockerfile.metrics -t cinple/operator-for-redis-cluster-metrics:local . - name: kind create cluster - uses: helm/kind-action@v1.8.0 + uses: helm/kind-action@v1.12.0 with: - version: v0.18.0 + version: v0.29.0 config: ./test/e2e/kind_config.yml cluster_name: kind node_image: ${{ matrix.kind-node }} @@ -171,14 +176,14 @@ jobs: - name: Load Images to KIND run: | - kind load docker-image ibmcom/operator-for-redis:local - kind load docker-image ibmcom/node-for-redis:local - kind load docker-image ibmcom/node-for-redis:new - kind load docker-image ibmcom/metrics-for-redis:local + kind load docker-image cinple/operator-for-redis-cluster-operator:local + kind load docker-image cinple/operator-for-redis-cluster-node:local + kind load docker-image cinple/operator-for-redis-cluster-node:new + kind load docker-image cinple/operator-for-redis-cluster-metrics:local - - name: Install operator-for-redis with Helm + - name: Install operator-for-redis-cluster with Helm id: helm - run: helm install operator-for-redis charts/operator-for-redis --wait --set image.repository=ibmcom/operator-for-redis --set image.tag=local --set logLevel=7 + run: helm install operator-for-redis-cluster charts/operator-for-redis --wait --set image.repository=cinple/operator-for-redis-cluster-operator --set image.tag=local --set logLevel=7 - name: Run e2e tests id: e2e @@ -193,7 +198,7 @@ jobs: - name: Upload logs artifact if: ${{ always() && (steps.e2e.outcome == 'failure' || steps.helm.outcome == 'failure') }} - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: kind-e2e-logs-${{ matrix.kubernetes-version }}.tar path: kind-e2e-logs-${{ matrix.kubernetes-version }}.tar diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 67ad9773..83a9cc4d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,9 +6,9 @@ on: - published env: - GO_VERSION: ^1.20 - HELM_VERSION: v3.11.2 - REDIS_VERSION: 7.0.12 + GO_VERSION: '1.24' + HELM_VERSION: v3.18.0 + REDIS_VERSION: 7.2.4 CRD_PATH: charts/operator-for-redis/crds/db.ibm.com_redisclusters.yaml CRD_DIFF: crd.diff @@ -19,24 +19,24 @@ jobs: version: ${{ steps.meta.outputs.version }} steps: - name: Setup Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Prepare image metadata - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 id: meta with: images: | - cinple/operator-for-redis + cinple/operator-for-redis-cluster-operator tags: type=ref,event=tag - name: Login to DockerHub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push operator image - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: file: Dockerfile.operator push: true @@ -54,24 +54,24 @@ jobs: version: ${{ steps.meta.outputs.version }} steps: - name: Setup Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Prepare image metadata - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 id: meta with: images: | - cinple/node-for-redis + cinple/operator-for-redis-cluster-node tags: type=ref,event=tag - name: Login to DockerHub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push cluster node image - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: file: Dockerfile.node push: true @@ -88,24 +88,24 @@ jobs: version: ${{ steps.meta.outputs.version }} steps: - name: Setup Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Prepare image metadata - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 id: meta with: images: | - cinple/metrics-for-redis + cinple/operator-for-redis-cluster-metrics tags: type=ref,event=tag - name: Login to DockerHub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push metrics image - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: file: Dockerfile.metrics push: true @@ -121,10 +121,10 @@ jobs: needs: [ operator, cluster-node, metrics ] steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup Helm - uses: azure/setup-helm@v3.5 + uses: azure/setup-helm@v4 with: version: ${{ env.HELM_VERSION }} @@ -157,11 +157,11 @@ jobs: needs: [ helm-release ] runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 with: - node-version: 16.17.1 # This is recommended LTS version which includes npm 6.14.10 + node-version: 22.x # Latest LTS - name: Publish docs website env: USE_SSH: false @@ -181,9 +181,9 @@ jobs: needs: [ docs ] runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Setup Go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: go-version: ${{ env.GO_VERSION }} diff --git a/Dockerfile.metrics b/Dockerfile.metrics index db26fca1..d0b747d8 100644 --- a/Dockerfile.metrics +++ b/Dockerfile.metrics @@ -1,4 +1,4 @@ -ARG BUILDIMAGE=golang:1.20-bookworm +ARG BUILDIMAGE=golang:1.24-bookworm ARG BASEIMAGE=debian:bookworm-slim ARG DOCKER_PROXY_REGISTRY @@ -8,6 +8,7 @@ ARG GOPROXY=direct ARG BUILDTIME ARG OPERATOR_VERSION ARG REVISION +ARG TARGETPLATFORM ENV DEBIAN_FRONTEND=noninteractive ENV INSTALL_DIRECTORY=/usr/local/bin @@ -28,8 +29,16 @@ COPY api/ api/ COPY pkg/ pkg/ COPY cmd/metrics/main.go ./ -# Build -RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 \ +# Build for target platform +RUN --mount=type=cache,target=/root/.cache/go-build \ + --mount=type=cache,target=/go/pkg/mod \ + case "${TARGETPLATFORM}" in \ + "linux/amd64") export GOARCH=amd64 ;; \ + "linux/arm64") export GOARCH=arm64 ;; \ + "linux/arm/v7") export GOARCH=arm ;; \ + *) echo "Unsupported platform ${TARGETPLATFORM}" && exit 1 ;; \ + esac && \ + CGO_ENABLED=0 GOOS=linux GOARCH=${GOARCH} \ go build \ -ldflags "-w -s \ -X github.com/IBM/operator-for-redis-cluster/pkg/utils.BUILDTIME=$BUILDTIME \ diff --git a/Dockerfile.node b/Dockerfile.node index 26da78ef..3a4d33f2 100644 --- a/Dockerfile.node +++ b/Dockerfile.node @@ -1,5 +1,5 @@ -ARG REDIS_VERSION=7.0.12 -ARG BUILDIMAGE=golang:1.20-bookworm +ARG REDIS_VERSION=7.4.3 +ARG BUILDIMAGE=golang:1.24-bookworm ARG BASEIMAGE=redis:${REDIS_VERSION}-bookworm ARG DOCKER_PROXY_REGISTRY @@ -10,6 +10,7 @@ ARG REDIS_VERSION ARG OPERATOR_VERSION ARG BUILDTIME ARG REVISION +ARG TARGETPLATFORM ENV DEBIAN_FRONTEND=noninteractive ENV INSTALL_DIRECTORY=/usr/local/bin @@ -30,8 +31,16 @@ COPY api/ api/ COPY pkg/ pkg/ COPY cmd/node/main.go ./ -# Build -RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 \ +# Build for target platform +RUN --mount=type=cache,target=/root/.cache/go-build \ + --mount=type=cache,target=/go/pkg/mod \ + case "${TARGETPLATFORM}" in \ + "linux/amd64") export GOARCH=amd64 ;; \ + "linux/arm64") export GOARCH=arm64 ;; \ + "linux/arm/v7") export GOARCH=arm ;; \ + *) echo "Unsupported platform ${TARGETPLATFORM}" && exit 1 ;; \ + esac && \ + CGO_ENABLED=0 GOOS=linux GOARCH=${GOARCH} \ go build \ -ldflags "-w -s \ -X github.com/IBM/operator-for-redis-cluster/pkg/utils.BUILDTIME=$BUILDTIME \ diff --git a/Dockerfile.operator b/Dockerfile.operator index 9a306c64..7635cda0 100644 --- a/Dockerfile.operator +++ b/Dockerfile.operator @@ -1,4 +1,4 @@ -ARG BUILDIMAGE=golang:1.20-bookworm +ARG BUILDIMAGE=golang:1.24-bookworm ARG BASEIMAGE=debian:bookworm-slim ARG DOCKER_PROXY_REGISTRY @@ -8,6 +8,7 @@ ARG GOPROXY=direct ARG BUILDTIME ARG OPERATOR_VERSION ARG REVISION +ARG TARGETPLATFORM ENV DEBIAN_FRONTEND=noninteractive ENV INSTALL_DIRECTORY=/usr/local/bin @@ -28,8 +29,16 @@ COPY pkg/ pkg/ COPY api/ api/ COPY cmd/operator/main.go ./ -# Build -RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 \ +# Build for target platform +RUN --mount=type=cache,target=/root/.cache/go-build \ + --mount=type=cache,target=/go/pkg/mod \ + case "${TARGETPLATFORM}" in \ + "linux/amd64") export GOARCH=amd64 ;; \ + "linux/arm64") export GOARCH=arm64 ;; \ + "linux/arm/v7") export GOARCH=arm ;; \ + *) echo "Unsupported platform ${TARGETPLATFORM}" && exit 1 ;; \ + esac && \ + CGO_ENABLED=0 GOOS=linux GOARCH=${GOARCH} \ go build \ -ldflags "-w -s \ -X github.com/IBM/operator-for-redis-cluster/pkg/utils.BUILDTIME=$BUILDTIME \ diff --git a/Makefile b/Makefile index fc2870c8..02d8a00f 100644 --- a/Makefile +++ b/Makefile @@ -1,12 +1,12 @@ ARTIFACT_OPERATOR=redis-operator ARTIFACT_INITCONTAINER=init-container -PREFIX?=ibmcom/ +PREFIX?=cinple/ SOURCES := $(shell find . ! -name "*_test.go" -name '*.go') CMDBINS := operator node metrics -CRD_OPTIONS ?= "crd:crdVersions=v1,generateEmbeddedObjectMeta=true" +CRD_OPTIONS ?= "crd:crdVersions=v1,maxDescLen=64,generateEmbeddedObjectMeta=true" ifeq (,$(shell go env GOBIN)) GOBIN=$(shell go env GOPATH)/bin @@ -20,6 +20,10 @@ DATE=$(shell date +%Y-%m-%d/%H:%M:%S) BUILDINFOPKG=github.com/IBM/operator-for-redis-cluster/pkg/utils LDFLAGS= -ldflags "-w -X ${BUILDINFOPKG}.TAG=${TAG} -X ${BUILDINFOPKG}.COMMIT=${COMMIT} -X ${BUILDINFOPKG}.OPERATOR_VERSION=${OPERATOR_VERSION} -X ${BUILDINFOPKG}.REDIS_VERSION=${REDIS_VERSION} -X ${BUILDINFOPKG}.BUILDTIME=${DATE} -s" +PLATFORM?=linux/amd64 +GOOS=$(shell echo $(PLATFORM) | cut -d'/' -f1) +GOARCH=$(shell echo $(PLATFORM) | cut -d'/' -f2) + all: build plugin: build-kubectl-rc install-plugin @@ -28,16 +32,19 @@ install-plugin: ./tools/install-plugin.sh build-%: - CGO_ENABLED=0 go build -installsuffix cgo ${LDFLAGS} -o bin/$* ./cmd/$* + CGO_ENABLED=0 GOOS=$(GOOS) GOARCH=$(GOARCH) go build -installsuffix cgo ${LDFLAGS} -o bin/$* ./cmd/$* buildlinux-%: ${SOURCES} - CGO_ENABLED=0 GOOS=linux go build -installsuffix cgo ${LDFLAGS} -o docker/$*/$* ./cmd/$*/main.go + CGO_ENABLED=0 GOOS=$(GOOS) GOARCH=$(GOARCH) go build -installsuffix cgo ${LDFLAGS} -o docker/$*/$* ./cmd/$*/main.go container-%: buildlinux-% - docker build -t $(PREFIX)$*-for-redis:$(TAG) -f Dockerfile.$* . + docker buildx build --platform $(PLATFORM) -t $(PREFIX)operator-for-redis-cluster-$*:$(TAG) -f Dockerfile.$* . --load + +container-push-%: + docker buildx build --platform linux/amd64,linux/arm64 -t $(PREFIX)operator-for-redis-cluster-$*:$(TAG) -f Dockerfile.$* . --push load-%: container-% - kind load docker-image $(PREFIX)$*-for-redis:$(TAG) + kind load docker-image $(PREFIX)operator-for-redis-cluster-$*:$(TAG) build: $(addprefix build-,$(CMDBINS)) @@ -45,10 +52,12 @@ buildlinux: $(addprefix buildlinux-,$(CMDBINS)) container: $(addprefix container-,$(CMDBINS)) +container-push: $(addprefix container-push-,$(CMDBINS)) + load: $(addprefix load-,$(CMDBINS)) manifests: controller-gen - $(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role output:rbac:none paths="./..." output:crd:artifacts:config=charts/operator-for-redis-cluster/crds/ + $(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role output:rbac:none paths="./..." output:crd:artifacts:config=charts/operator-for-redis/crds/ generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. $(CONTROLLER_GEN) object paths="./..." @@ -62,7 +71,7 @@ ifeq (, $(shell which controller-gen)) CONTROLLER_GEN_TMP_DIR=$$(mktemp -d) ;\ cd $$CONTROLLER_GEN_TMP_DIR ;\ go mod init tmp ;\ - go get sigs.k8s.io/controller-tools/cmd/controller-gen@v0.11.3 ;\ + go get sigs.k8s.io/controller-tools/cmd/controller-gen@v0.17.3 ;\ rm -rf $$CONTROLLER_GEN_TMP_DIR ;\ } CONTROLLER_GEN=$(GOBIN)/controller-gen @@ -75,7 +84,7 @@ test: ./go.test.sh push-%: container-% - docker push $(PREFIX)$*-for-redis:$(TAG) + docker push $(PREFIX)operator-for-redis-cluster-$*:$(TAG) push: $(addprefix push-,$(CMDBINS)) @@ -89,7 +98,7 @@ fmt: # Run all the linters lint: - golangci-lint run --enable exportloopref + golangci-lint run --enable copyloopvar .PHONY: lint -.PHONY: build push clean test +.PHONY: build push clean test container-push diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 300cc693..f5ae7152 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -1,12 +1,11 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated // Code generated by controller-gen. DO NOT EDIT. package v1alpha1 import ( - v1 "k8s.io/api/core/v1" + "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/runtime" ) diff --git a/charts/node-for-redis/templates/rbac.yaml b/charts/node-for-redis/templates/rbac.yaml index f11ff753..b195213d 100644 --- a/charts/node-for-redis/templates/rbac.yaml +++ b/charts/node-for-redis/templates/rbac.yaml @@ -7,6 +7,9 @@ rules: - apiGroups: [""] resources: ["namespaces", "services", "endpoints", "pods", "nodes"] verbs: ["list", "get", "watch"] +- apiGroups: ["discovery.k8s.io"] + resources: ["endpointslices"] + verbs: ["list", "get", "watch"] - apiGroups: ["db.ibm.com"] resources: ["rediscluster","redisclusters"] verbs: ["list", "get", "watch"] diff --git a/charts/node-for-redis/values.yaml b/charts/node-for-redis/values.yaml index 7adedbf2..c4fff805 100644 --- a/charts/node-for-redis/values.yaml +++ b/charts/node-for-redis/values.yaml @@ -6,7 +6,7 @@ numberOfPrimaries: 3 replicationFactor: 1 image: - repository: ibmcom/node-for-redis + repository: cinple/operator-for-redis-cluster-node # Overrides the image tag whose default is the chart appVersion tag: "" pullPolicy: IfNotPresent @@ -142,7 +142,7 @@ metrics: exporter: image: repository: oliver006/redis_exporter - tag: v1.43.0 + tag: v1.73.0 pullPolicy: IfNotPresent port: name: metrics @@ -155,7 +155,7 @@ metrics: labels: {} server: image: - repository: ibmcom/metrics-for-redis + repository: cinple/operator-for-redis-cluster-metrics tag: latest pullPolicy: IfNotPresent port: @@ -181,7 +181,7 @@ sysctl: netCoreSomaxconn: 65000 image: repository: alpine - tag: 3.16.0 + tag: 3.21 imagePullPolicy: IfNotPresent redis: diff --git a/charts/operator-for-redis/crds/db.ibm.com_redisclusters.yaml b/charts/operator-for-redis/crds/db.ibm.com_redisclusters.yaml index 747c6412..e0c23094 100644 --- a/charts/operator-for-redis/crds/db.ibm.com_redisclusters.yaml +++ b/charts/operator-for-redis/crds/db.ibm.com_redisclusters.yaml @@ -1,11 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.6.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.17.3 name: redisclusters.db.ibm.com spec: group: db.ibm.com @@ -24,14 +22,10 @@ spec: description: RedisCluster represents a Redis Cluster properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: APIVersion defines the versioned schema of this representation... type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: Kind is a string value representing the REST resource this... type: string metadata: type: object @@ -50,10 +44,12 @@ spec: type: integer podTemplate: description: PodTemplate contains the pod specification that should - run the redis-server process + run the... properties: metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + description: |- + Standard object's metadata. + More info: https://git.k8s. properties: annotations: additionalProperties: @@ -73,14 +69,11 @@ spec: type: string type: object spec: - description: 'Specification of the desired behavior of the pod. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + description: Specification of the desired behavior of the pod. properties: activeDeadlineSeconds: description: Optional duration in seconds the pod may be active - on the node relative to StartTime before the system will - actively try to mark it failed and kill associated containers. - Value must be a positive integer. + on the node... format: int64 type: integer affinity: @@ -92,22 +85,10 @@ spec: properties: preferredDuringSchedulingIgnoredDuringExecution: description: The scheduler will prefer to schedule - pods to nodes that satisfy the affinity expressions - specified by this field, but it may choose a node - that violates one or more of the expressions. The - node that is most preferred is the one with the - greatest sum of weights, i.e. for each node that - meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements - of this field and adding "weight" to the sum if - the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. + pods to nodes that... items: description: An empty preferred scheduling term - matches all objects with implicit weight 0 (i.e. - it's a no-op). A null preferred scheduling term - matches no objects (i.e. is also a no-op). + matches all objects with... properties: preference: description: A node selector term, associated @@ -118,9 +99,7 @@ spec: by node's labels. items: description: A node selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + is a selector that contains values,... properties: key: description: The label key that the @@ -128,37 +107,26 @@ spec: type: string operator: description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. + to a set of values. type: string values: description: An array of string values. - If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. - If the operator is Gt or Lt, the - values array must have a single - element, which will be interpreted - as an integer. This array is replaced - during a strategic merge patch. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: description: A list of node selector requirements by node's fields. items: description: A node selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + is a selector that contains values,... properties: key: description: The label key that the @@ -166,34 +134,25 @@ spec: type: string operator: description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. + to a set of values. type: string values: description: An array of string values. - If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. - If the operator is Gt or Lt, the - values array must have a single - element, which will be interpreted - as an integer. This array is replaced - during a strategic merge patch. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object + x-kubernetes-map-type: atomic weight: description: Weight associated with matching - the corresponding nodeSelectorTerm, in the - range 1-100. + the corresponding... format: int32 type: integer required: @@ -201,32 +160,24 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: If the affinity requirements specified - by this field are not met at scheduling time, the - pod will not be scheduled onto the node. If the - affinity requirements specified by this field cease - to be met at some point during pod execution (e.g. - due to an update), the system may or may not try - to eventually evict the pod from its node. + by this field are not... properties: nodeSelectorTerms: description: Required. A list of node selector terms. The terms are ORed. items: description: A null or empty node selector term - matches no objects. The requirements of them - are ANDed. The TopologySelectorTerm type implements - a subset of the NodeSelectorTerm. + matches no objects. properties: matchExpressions: description: A list of node selector requirements by node's labels. items: description: A node selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + is a selector that contains values,... properties: key: description: The label key that the @@ -234,37 +185,26 @@ spec: type: string operator: description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. + to a set of values. type: string values: description: An array of string values. - If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. - If the operator is Gt or Lt, the - values array must have a single - element, which will be interpreted - as an integer. This array is replaced - during a strategic merge patch. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: description: A list of node selector requirements by node's fields. items: description: A node selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + is a selector that contains values,... properties: key: description: The label key that the @@ -272,62 +212,40 @@ spec: type: string operator: description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. + to a set of values. type: string values: description: An array of string values. - If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. - If the operator is Gt or Lt, the - values array must have a single - element, which will be interpreted - as an integer. This array is replaced - during a strategic merge patch. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object + x-kubernetes-map-type: atomic type: array + x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: description: Describes pod affinity scheduling rules (e.g. - co-locate this pod in the same node, zone, etc. as some - other pod(s)). properties: preferredDuringSchedulingIgnoredDuringExecution: description: The scheduler will prefer to schedule - pods to nodes that satisfy the affinity expressions - specified by this field, but it may choose a node - that violates one or more of the expressions. The - node that is most preferred is the one with the - greatest sum of weights, i.e. for each node that - meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements - of this field and adding "weight" to the sum if - the node has pods which matches the corresponding - podAffinityTerm; the node(s) with the highest sum - are the most preferred. + pods to nodes that... items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) + description: The weights of all of the matched WeightedPodAffinityTerm... properties: podAffinityTerm: - description: Required. A pod affinity term, - associated with the corresponding weight. + description: Required. properties: labelSelector: description: A label query over a set of @@ -335,13 +253,10 @@ spec: properties: matchExpressions: description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. + of label selector requirements. items: description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + is a selector that contains... properties: key: description: key is the label @@ -351,65 +266,102 @@ spec: operator: description: operator represents a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. + of values. type: string values: description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - This array is replaced during - a strategic merge patch. + of string values. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: matchLabels is a map of - {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. + {key,value} pairs. type: object type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of + pod label keys to select which pods... + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set + of pod label keys to select which... + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set + of namespaces that the term applies... + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. + items: + description: A label selector requirement + is a selector that contains... + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. + type: string + values: + description: values is an array + of string values. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. + type: object + type: object + x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies which - namespaces the labelSelector applies to - (matches against); null or empty list - means "this pod's namespace" + description: namespaces specifies a static + list of namespace names that the... items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where co-located - is defined as running on a node whose - value of the label with key topologyKey - matches that of any node on which any - of the selected pods is running. Empty - topologyKey is not allowed. + (affinity) or not co-located... type: string required: - topologyKey type: object weight: description: weight associated with matching - the corresponding podAffinityTerm, in the - range 1-100. + the corresponding... format: int32 type: integer required: @@ -417,26 +369,13 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: If the affinity requirements specified - by this field are not met at scheduling time, the - pod will not be scheduled onto the node. If the - affinity requirements specified by this field cease - to be met at some point during pod execution (e.g. - due to a pod label update), the system may or may - not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes - corresponding to each podAffinityTerm are intersected, - i.e. all terms must be satisfied. + by this field are not... items: description: Defines a set of pods (namely those - matching the labelSelector relative to the given - namespace(s)) that this pod should be co-located - (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node - whose value of the label with key - matches that of any node on which a pod of the - set of pods is running + matching the labelSelector... properties: labelSelector: description: A label query over a set of resources, @@ -444,13 +383,10 @@ spec: properties: matchExpressions: description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. + of label selector requirements. items: description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + is a selector that contains... properties: key: description: key is the label key @@ -459,86 +395,111 @@ spec: operator: description: operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. type: string values: description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. + string values. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. + pairs. type: object type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod + label keys to select which pods... + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod + label keys to select which... + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies... + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. + items: + description: A label selector requirement + is a selector that contains... + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + type: string + values: + description: values is an array of + string values. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. + type: object + type: object + x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies which namespaces - the labelSelector applies to (matches against); - null or empty list means "this pod's namespace" + description: namespaces specifies a static list + of namespace names that the... items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the - pods matching the labelSelector in the specified - namespaces, where co-located is defined as - running on a node whose value of the label - with key topologyKey matches that of any node - on which any of the selected pods is running. - Empty topologyKey is not allowed. + or not co-located... type: string required: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object podAntiAffinity: description: Describes pod anti-affinity scheduling rules - (e.g. avoid putting this pod in the same node, zone, - etc. as some other pod(s)). + (e.g. properties: preferredDuringSchedulingIgnoredDuringExecution: description: The scheduler will prefer to schedule - pods to nodes that satisfy the anti-affinity expressions - specified by this field, but it may choose a node - that violates one or more of the expressions. The - node that is most preferred is the one with the - greatest sum of weights, i.e. for each node that - meets all of the scheduling requirements (resource - request, requiredDuringScheduling anti-affinity - expressions, etc.), compute a sum by iterating through - the elements of this field and adding "weight" to - the sum if the node has pods which matches the corresponding - podAffinityTerm; the node(s) with the highest sum - are the most preferred. + pods to nodes that... items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) + description: The weights of all of the matched WeightedPodAffinityTerm... properties: podAffinityTerm: - description: Required. A pod affinity term, - associated with the corresponding weight. + description: Required. properties: labelSelector: description: A label query over a set of @@ -546,13 +507,10 @@ spec: properties: matchExpressions: description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. + of label selector requirements. items: description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + is a selector that contains... properties: key: description: key is the label @@ -562,65 +520,102 @@ spec: operator: description: operator represents a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. + of values. type: string values: description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - This array is replaced during - a strategic merge patch. + of string values. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: matchLabels is a map of - {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. + {key,value} pairs. type: object type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of + pod label keys to select which pods... + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set + of pod label keys to select which... + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set + of namespaces that the term applies... + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. + items: + description: A label selector requirement + is a selector that contains... + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. + type: string + values: + description: values is an array + of string values. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. + type: object + type: object + x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies which - namespaces the labelSelector applies to - (matches against); null or empty list - means "this pod's namespace" + description: namespaces specifies a static + list of namespace names that the... items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where co-located - is defined as running on a node whose - value of the label with key topologyKey - matches that of any node on which any - of the selected pods is running. Empty - topologyKey is not allowed. + (affinity) or not co-located... type: string required: - topologyKey type: object weight: description: weight associated with matching - the corresponding podAffinityTerm, in the - range 1-100. + the corresponding... format: int32 type: integer required: @@ -628,26 +623,13 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: If the anti-affinity requirements specified - by this field are not met at scheduling time, the - pod will not be scheduled onto the node. If the - anti-affinity requirements specified by this field - cease to be met at some point during pod execution - (e.g. due to a pod label update), the system may - or may not try to eventually evict the pod from - its node. When there are multiple elements, the - lists of nodes corresponding to each podAffinityTerm - are intersected, i.e. all terms must be satisfied. + by this field are... items: description: Defines a set of pods (namely those - matching the labelSelector relative to the given - namespace(s)) that this pod should be co-located - (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node - whose value of the label with key - matches that of any node on which a pod of the - set of pods is running + matching the labelSelector... properties: labelSelector: description: A label query over a set of resources, @@ -655,13 +637,64 @@ spec: properties: matchExpressions: description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. + of label selector requirements. + items: + description: A label selector requirement + is a selector that contains... + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + type: string + values: + description: values is an array of + string values. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod + label keys to select which pods... + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod + label keys to select which... + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies... + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. items: description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + is a selector that contains... properties: key: description: key is the label key @@ -670,124 +703,88 @@ spec: operator: description: operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. type: string values: description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. + string values. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. + pairs. type: object type: object + x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies which namespaces - the labelSelector applies to (matches against); - null or empty list means "this pod's namespace" + description: namespaces specifies a static list + of namespace names that the... items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the - pods matching the labelSelector in the specified - namespaces, where co-located is defined as - running on a node whose value of the label - with key topologyKey matches that of any node - on which any of the selected pods is running. - Empty topologyKey is not allowed. + or not co-located... type: string required: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object type: object automountServiceAccountToken: description: AutomountServiceAccountToken indicates whether - a service account token should be automatically mounted. + a service... type: boolean containers: - description: List of containers belonging to the pod. Containers - cannot currently be added or removed. There must be at least - one container in a Pod. Cannot be updated. + description: List of containers belonging to the pod. items: description: A single application container that you want - to run within a pod. + to run within a... properties: args: - description: 'Arguments to the entrypoint. The docker - image''s CMD is used if this is not provided. Variable - references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the - reference in the input string will be unchanged. The - $(VAR_NAME) syntax can be escaped with a double $$, - ie: $$(VAR_NAME). Escaped references will never be - expanded, regardless of whether the variable exists - or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: Arguments to the entrypoint. items: type: string type: array + x-kubernetes-list-type: atomic command: - description: 'Entrypoint array. Not executed within - a shell. The docker image''s ENTRYPOINT is used if - this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If - a variable cannot be resolved, the reference in the - input string will be unchanged. The $(VAR_NAME) syntax - can be escaped with a double $$, ie: $$(VAR_NAME). - Escaped references will never be expanded, regardless - of whether the variable exists or not. Cannot be updated. - More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: Entrypoint array. Not executed within a + shell. items: type: string type: array + x-kubernetes-list-type: atomic env: description: List of environment variables to set in - the container. Cannot be updated. + the container. items: description: EnvVar represents an environment variable - present in a Container. + present in a... properties: name: description: Name of the environment variable. Must be a C_IDENTIFIER. type: string value: - description: 'Variable references $(VAR_NAME) - are expanded using the previous defined environment - variables in the container and any service environment - variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. - The $(VAR_NAME) syntax can be escaped with a - double $$, ie: $$(VAR_NAME). Escaped references - will never be expanded, regardless of whether - the variable exists or not. Defaults to "".' + description: |- + Variable references $(VAR_NAME) are expanded + using the... type: string valueFrom: description: Source for the environment variable's - value. Cannot be used if value is not empty. + value. properties: configMapKeyRef: description: Selects a key of a ConfigMap. @@ -796,10 +793,8 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string optional: description: Specify whether the ConfigMap @@ -808,17 +803,14 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: description: 'Selects a field of the pod: - supports metadata.name, metadata.namespace, - `metadata.labels['''']`, `metadata.annotations['''']`, - spec.nodeName, spec.serviceAccountName, - status.hostIP, status.podIP, status.podIPs.' + supports metadata.name, metadata.' properties: apiVersion: description: Version of the schema the - FieldPath is written in terms of, defaults - to "v1". + FieldPath is written in terms of,... type: string fieldPath: description: Path of the field to select @@ -827,12 +819,10 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, - requests.cpu, requests.memory and requests.ephemeral-storage) - are currently supported.' + only resources limits and...' properties: containerName: description: 'Container name: required @@ -843,8 +833,7 @@ spec: - type: integer - type: string description: Specifies the output format - of the exposed resources, defaults to - "1" + of the exposed resources, defaults... pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: @@ -853,20 +842,18 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace properties: key: description: The key of the secret to - select from. Must be a valid secret - key. + select from. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string optional: description: Specify whether the Secret @@ -875,121 +862,102 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: List of sources to populate environment - variables in the container. The keys defined within - a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is - starting. When a key exists in multiple sources, the - value associated with the last source will take precedence. - Values defined by an Env with a duplicate key will - take precedence. Cannot be updated. + variables in the... items: description: EnvFromSource represents the source of - a set of ConfigMaps + a set of ConfigMaps or... properties: configMapRef: description: The ConfigMap to select from properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string optional: description: Specify whether the ConfigMap must be defined type: boolean type: object + x-kubernetes-map-type: atomic prefix: - description: An optional identifier to prepend - to each key in the ConfigMap. Must be a C_IDENTIFIER. + description: Optional text to prepend to the name + of each environment... type: string secretRef: description: The Secret to select from properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string optional: description: Specify whether the Secret must be defined type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: - description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config - management to default or override container images - in workload controllers like Deployments and StatefulSets.' + description: |- + Container image name. + More info: https://kubernetes. type: string imagePullPolicy: - description: 'Image pull policy. One of Always, Never, - IfNotPresent. Defaults to Always if :latest tag is - specified, or IfNotPresent otherwise. Cannot be updated. - More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. type: string lifecycle: description: Actions that the management system should - take in response to container lifecycle events. Cannot - be updated. + take in response to... properties: postStart: - description: 'PostStart is called immediately after - a container is created. If the handler fails, - the container is terminated and restarted according - to its restart policy. Other management of the - container blocks until the hook completes. More - info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: PostStart is called immediately after + a container is created. properties: exec: - description: One and only one of the following - should be specified. Exec specifies the action - to take. + description: Exec specifies a command to execute + in the container. properties: command: description: Command is the command line - to execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside - a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, - you need to explicitly call out to that - shell. Exit status of 0 is treated as - live/healthy and non-zero is unhealthy. + to execute inside the container,... items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: Host name to connect to, defaults - to the pod IP. You probably want to set - "Host" in httpHeaders instead. + to the pod IP. type: string httpHeaders: description: Custom headers to set in the - request. HTTP allows repeated headers. + request. items: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. type: string value: description: The header field value @@ -999,6 +967,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -1008,22 +977,30 @@ spec: - type: integer - type: string description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + to access on the container. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object + sleep: + description: Sleep represents a duration that + the container should sleep. + properties: + seconds: + description: Seconds is the number of seconds + to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: - description: 'TCPSocket specifies an action - involving a TCP port. TCP hooks not yet supported - TODO: implement a realistic TCP lifecycle - hook' + description: Deprecated. properties: host: description: 'Optional: Host name to connect @@ -1034,68 +1011,45 @@ spec: - type: integer - type: string description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + to access on the container. x-kubernetes-int-or-string: true required: - port type: object type: object preStop: - description: 'PreStop is called immediately before - a container is terminated due to an API request - or management event such as liveness/startup probe - failure, preemption, resource contention, etc. - The handler is not called if the container crashes - or exits. The reason for termination is passed - to the handler. The Pod''s termination grace period - countdown begins before the PreStop hooked is - executed. Regardless of the outcome of the handler, - the container will eventually terminate within - the Pod''s termination grace period. Other management - of the container blocks until the hook completes - or until the termination grace period is reached. - More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: PreStop is called immediately before + a container is terminated... properties: exec: - description: One and only one of the following - should be specified. Exec specifies the action - to take. + description: Exec specifies a command to execute + in the container. properties: command: description: Command is the command line - to execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside - a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, - you need to explicitly call out to that - shell. Exit status of 0 is treated as - live/healthy and non-zero is unhealthy. + to execute inside the container,... items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: Host name to connect to, defaults - to the pod IP. You probably want to set - "Host" in httpHeaders instead. + to the pod IP. type: string httpHeaders: description: Custom headers to set in the - request. HTTP allows repeated headers. + request. items: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. type: string value: description: The header field value @@ -1105,6 +1059,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -1114,22 +1069,30 @@ spec: - type: integer - type: string description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + to access on the container. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object + sleep: + description: Sleep represents a duration that + the container should sleep. + properties: + seconds: + description: Seconds is the number of seconds + to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: - description: 'TCPSocket specifies an action - involving a TCP port. TCP hooks not yet supported - TODO: implement a realistic TCP lifecycle - hook' + description: Deprecated. properties: host: description: 'Optional: Host name to connect @@ -1140,62 +1103,68 @@ spec: - type: integer - type: string description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + to access on the container. x-kubernetes-int-or-string: true required: - port type: object type: object + stopSignal: + description: StopSignal defines which signal will + be sent to a container... + type: string type: object livenessProbe: - description: 'Periodic probe of container liveness. - Container will be restarted if the probe fails. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Periodic probe of container liveness. properties: exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. + description: Exec specifies a command to execute + in the container. properties: command: description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') in - the container's filesystem. The command is - simply exec'd, it is not run inside a shell, - so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is - treated as live/healthy and non-zero is unhealthy. + execute inside the container,... items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: Minimum consecutive failures for the - probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + probe to be considered... format: int32 type: integer + grpc: + description: GRPC specifies a GRPC HealthCheckRequest. + properties: + port: + description: Port number of the gRPC service. + format: int32 + type: integer + service: + default: "" + description: Service is the name of the service + to place in the gRPC... + type: string + required: + - port + type: object httpGet: - description: HTTPGet specifies the http request + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + to the pod IP. type: string httpHeaders: description: Custom headers to set in the request. - HTTP allows repeated headers. items: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. type: string value: description: The header field value @@ -1205,6 +1174,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -1213,39 +1183,34 @@ spec: - type: integer - type: string description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + on the container. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to - the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Number of seconds after the container + has started before... format: int32 type: integer periodSeconds: description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is - 1. + probe. format: int32 type: integer successThreshold: description: Minimum consecutive successes for the - probe to be considered successful after having - failed. Defaults to 1. Must be 1 for liveness - and startup. Minimum value is 1. + probe to be considered... format: int32 type: integer tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: - implement a realistic TCP lifecycle hook' + description: TCPSocket specifies a connection to + a TCP port. properties: host: description: 'Optional: Host name to connect @@ -1256,41 +1221,34 @@ spec: - type: integer - type: string description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + on the container. x-kubernetes-int-or-string: true required: - port type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate... + format: int64 + type: integer timeoutSeconds: - description: 'Number of seconds after which the - probe times out. Defaults to 1 second. Minimum - value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Number of seconds after which the probe + times out. format: int32 type: integer type: object name: description: Name of the container specified as a DNS_LABEL. - Each container in a pod must have a unique name (DNS_LABEL). - Cannot be updated. type: string ports: description: List of ports to expose from the container. - Exposing a port here gives the system additional information - about the network connections a container uses, but - is primarily informational. Not specifying a port - here DOES NOT prevent that port from being exposed. - Any port which is listening on the default "0.0.0.0" - address inside a container will be accessible from - the network. Cannot be updated. items: description: ContainerPort represents a network port in a single container. properties: containerPort: description: Number of port to expose on the pod's - IP address. This must be a valid port number, - 0 < x < 65536. + IP address. format: int32 type: integer hostIP: @@ -1299,22 +1257,17 @@ spec: type: string hostPort: description: Number of port to expose on the host. - If specified, this must be a valid port number, - 0 < x < 65536. If HostNetwork is specified, - this must match ContainerPort. Most containers - do not need this. format: int32 type: integer name: description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in - a pod must have a unique name. Name for the - port that can be referred to by services. + and unique within... type: string protocol: default: TCP - description: Protocol for port. Must be UDP, TCP, - or SCTP. Defaults to "TCP". + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". type: string required: - containerPort @@ -1325,52 +1278,56 @@ spec: - protocol x-kubernetes-list-type: map readinessProbe: - description: 'Periodic probe of container service readiness. - Container will be removed from service endpoints if - the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Periodic probe of container service readiness. properties: exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. + description: Exec specifies a command to execute + in the container. properties: command: description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') in - the container's filesystem. The command is - simply exec'd, it is not run inside a shell, - so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is - treated as live/healthy and non-zero is unhealthy. + execute inside the container,... items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: Minimum consecutive failures for the - probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + probe to be considered... format: int32 type: integer + grpc: + description: GRPC specifies a GRPC HealthCheckRequest. + properties: + port: + description: Port number of the gRPC service. + format: int32 + type: integer + service: + default: "" + description: Service is the name of the service + to place in the gRPC... + type: string + required: + - port + type: object httpGet: - description: HTTPGet specifies the http request + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + to the pod IP. type: string httpHeaders: description: Custom headers to set in the request. - HTTP allows repeated headers. items: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. type: string value: description: The header field value @@ -1380,6 +1337,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -1388,39 +1346,34 @@ spec: - type: integer - type: string description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + on the container. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to - the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Number of seconds after the container + has started before... format: int32 type: integer periodSeconds: description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is - 1. + probe. format: int32 type: integer successThreshold: description: Minimum consecutive successes for the - probe to be considered successful after having - failed. Defaults to 1. Must be 1 for liveness - and startup. Minimum value is 1. + probe to be considered... format: int32 type: integer tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: - implement a realistic TCP lifecycle hook' + description: TCPSocket specifies a connection to + a TCP port. properties: host: description: 'Optional: Host name to connect @@ -1431,23 +1384,69 @@ spec: - type: integer - type: string description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + on the container. x-kubernetes-int-or-string: true required: - port type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate... + format: int64 + type: integer timeoutSeconds: - description: 'Number of seconds after which the - probe times out. Defaults to 1 second. Minimum - value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Number of seconds after which the probe + times out. format: int32 type: integer type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents resource + resize policy for the... + properties: + resourceName: + description: Name of the resource to which this + resource resize policy... + type: string + restartPolicy: + description: Restart policy to apply when specified + resource is resized. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: - description: 'Compute Resources required by this container. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + description: |- + Compute Resources required by this container. + Cannot be updated. properties: + claims: + description: Claims lists the names of resources, + defined in spec. + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one + entry in pod.spec. + type: string + request: + description: Request is the name chosen for + a request in the referenced... + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: additionalProperties: anyOf: @@ -1455,8 +1454,8 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + description: Limits describes the maximum amount + of compute resources... type: object requests: additionalProperties: @@ -1465,31 +1464,40 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is - omitted for a container, it defaults to Limits - if that is explicitly specified, otherwise to - an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + description: Requests describes the minimum amount + of compute resources... type: object type: object + restartPolicy: + description: RestartPolicy defines the restart behavior + of individual... + type: string securityContext: - description: 'Security options the pod should run with. - More info: https://kubernetes.io/docs/concepts/policy/security-context/ - More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + description: SecurityContext defines the security options + the container... properties: allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls - whether a process can gain more privileges than - its parent process. This bool directly controls - if the no_new_privs flag will be set on the container - process. AllowPrivilegeEscalation is true always - when the container is: 1) run as Privileged 2) - has CAP_SYS_ADMIN' + description: AllowPrivilegeEscalation controls whether + a process can gain... type: boolean + appArmorProfile: + description: appArmorProfile is the AppArmor options + to use by this... + properties: + localhostProfile: + description: localhostProfile indicates a profile + loaded on the node that... + type: string + type: + description: type indicates which kind of AppArmor + profile will be applied. + type: string + required: + - type + type: object capabilities: description: The capabilities to add/drop when running - containers. Defaults to the default set of capabilities - granted by the container runtime. + containers. properties: add: description: Added capabilities @@ -1498,6 +1506,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -1505,59 +1514,36 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: - description: Run container in privileged mode. Processes - in privileged containers are essentially equivalent - to root on the host. Defaults to false. + description: Run container in privileged mode. type: boolean procMount: description: procMount denotes the type of proc - mount to use for the containers. The default is - DefaultProcMount which uses the container runtime - defaults for readonly paths and masked paths. - This requires the ProcMountType feature flag to - be enabled. + mount to use for the... type: string readOnlyRootFilesystem: description: Whether this container has a read-only - root filesystem. Default is false. + root filesystem. type: boolean runAsGroup: description: The GID to run the entrypoint of the - container process. Uses runtime default if unset. - May also be set in PodSecurityContext. If set - in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. + container process. format: int64 type: integer runAsNonRoot: description: Indicates that the container must run - as a non-root user. If true, the Kubelet will - validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start - the container if it does. If unset or false, no - such validation will be performed. May also be - set in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in - SecurityContext takes precedence. + as a non-root user. type: boolean runAsUser: description: The UID to run the entrypoint of the - container process. Defaults to user specified - in image metadata if unspecified. May also be - set in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in - SecurityContext takes precedence. + container process. format: int64 type: integer seLinuxOptions: description: The SELinux context to be applied to - the container. If unspecified, the container runtime - will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. + the container. properties: level: description: Level is SELinux level label that @@ -1578,111 +1564,93 @@ spec: type: object seccompProfile: description: The seccomp options to use by this - container. If seccomp options are provided at - both the pod & container level, the container - options override the pod options. + container. properties: localhostProfile: description: localhostProfile indicates a profile - defined in a file on the node should be used. - The profile must be preconfigured on the node - to work. Must be a descending path, relative - to the kubelet's configured seccomp profile - location. Must only be set if type is "Localhost". + defined in a file on the... type: string type: - description: "type indicates which kind of seccomp - profile will be applied. Valid options are: - \n Localhost - a profile defined in a file - on the node should be used. RuntimeDefault - - the container runtime default profile should - be used. Unconfined - no profile should be - applied." + description: type indicates which kind of seccomp + profile will be applied. type: string required: - type type: object windowsOptions: description: The Windows specific settings applied - to all containers. If unspecified, the options - from the PodSecurityContext will be used. If set - in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. + to all containers. properties: gmsaCredentialSpec: description: GMSACredentialSpec is where the - GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential - spec named by the GMSACredentialSpecName field. + GMSA admission webhook... type: string gmsaCredentialSpecName: description: GMSACredentialSpecName is the name - of the GMSA credential spec to use. + of the GMSA credential spec... type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host... + type: boolean runAsUserName: description: The UserName in Windows to run - the entrypoint of the container process. Defaults - to the user specified in image metadata if - unspecified. May also be set in PodSecurityContext. - If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. + the entrypoint of the container... type: string type: object type: object startupProbe: - description: 'StartupProbe indicates that the Pod has - successfully initialized. If specified, no other probes - are executed until this completes successfully. If - this probe fails, the Pod will be restarted, just - as if the livenessProbe failed. This can be used to - provide different probe parameters at the beginning - of a Pod''s lifecycle, when it might take a long time - to load data or warm a cache, than during steady-state - operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: StartupProbe indicates that the Pod has + successfully... properties: exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. + description: Exec specifies a command to execute + in the container. properties: command: description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') in - the container's filesystem. The command is - simply exec'd, it is not run inside a shell, - so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is - treated as live/healthy and non-zero is unhealthy. + execute inside the container,... items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: Minimum consecutive failures for the - probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + probe to be considered... format: int32 type: integer + grpc: + description: GRPC specifies a GRPC HealthCheckRequest. + properties: + port: + description: Port number of the gRPC service. + format: int32 + type: integer + service: + default: "" + description: Service is the name of the service + to place in the gRPC... + type: string + required: + - port + type: object httpGet: - description: HTTPGet specifies the http request + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + to the pod IP. type: string httpHeaders: description: Custom headers to set in the request. - HTTP allows repeated headers. items: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. type: string value: description: The header field value @@ -1692,6 +1660,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -1700,39 +1669,34 @@ spec: - type: integer - type: string description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + on the container. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to - the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Number of seconds after the container + has started before... format: int32 type: integer periodSeconds: description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is - 1. + probe. format: int32 type: integer successThreshold: description: Minimum consecutive successes for the - probe to be considered successful after having - failed. Defaults to 1. Must be 1 for liveness - and startup. Minimum value is 1. + probe to be considered... format: int32 type: integer tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: - implement a realistic TCP lifecycle hook' + description: TCPSocket specifies a connection to + a TCP port. properties: host: description: 'Optional: Host name to connect @@ -1743,76 +1707,52 @@ spec: - type: integer - type: string description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + on the container. x-kubernetes-int-or-string: true required: - port type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate... + format: int64 + type: integer timeoutSeconds: - description: 'Number of seconds after which the - probe times out. Defaults to 1 second. Minimum - value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Number of seconds after which the probe + times out. format: int32 type: integer type: object stdin: description: Whether this container should allocate - a buffer for stdin in the container runtime. If this - is not set, reads from stdin in the container will - always result in EOF. Default is false. + a buffer for stdin in... type: boolean stdinOnce: description: Whether the container runtime should close - the stdin channel after it has been opened by a single - attach. When stdin is true the stdin stream will remain - open across multiple attach sessions. If stdinOnce - is set to true, stdin is opened on container start, - is empty until the first client attaches to stdin, - and then remains open and accepts data until the client - disconnects, at which time stdin is closed and remains - closed until the container is restarted. If this flag - is false, a container processes that reads from stdin - will never receive an EOF. Default is false + the stdin channel... type: boolean terminationMessagePath: description: 'Optional: Path at which the file to which - the container''s termination message will be written - is mounted into the container''s filesystem. Message - written is intended to be brief final status, such - as an assertion failure message. Will be truncated - by the node if greater than 4096 bytes. The total - message length across all containers will be limited - to 12kb. Defaults to /dev/termination-log. Cannot - be updated.' + the container''s...' type: string terminationMessagePolicy: description: Indicate how the termination message should - be populated. File will use the contents of terminationMessagePath - to populate the container status message on both success - and failure. FallbackToLogsOnError will use the last - chunk of container log output if the termination message - file is empty and the container exited with an error. - The log output is limited to 2048 bytes or 80 lines, - whichever is smaller. Defaults to File. Cannot be - updated. + be populated. type: string tty: description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to be true. - Default is false. + a TTY for itself, also... type: boolean volumeDevices: description: volumeDevices is the list of block devices - to be used by the container. + to be used by the... items: description: volumeDevice describes a mapping of a - raw block device within a container. + raw block device within a... properties: devicePath: description: devicePath is the path inside of - the container that the device will be mapped - to. + the container that the device... type: string name: description: name must match the name of a persistentVolumeClaim @@ -1823,188 +1763,143 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: Pod volumes to mount into the container's - filesystem. Cannot be updated. + filesystem. items: description: VolumeMount describes a mounting of a Volume within a container. properties: mountPath: description: Path within the container at which - the volume should be mounted. Must not contain - ':'. + the volume should be mounted. type: string mountPropagation: description: mountPropagation determines how mounts - are propagated from the host to container and - the other way around. When not set, MountPropagationNone - is used. This field is beta in 1.10. + are propagated from the... type: string name: description: This must match the Name of a Volume. type: string readOnly: description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults to - false. + otherwise (false or... type: boolean + recursiveReadOnly: + description: RecursiveReadOnly specifies whether + read-only mounts should be... + type: string subPath: description: Path within the volume from which - the container's volume should be mounted. Defaults - to "" (volume's root). + the container's volume should... type: string subPathExpr: description: Expanded path within the volume from - which the container's volume should be mounted. - Behaves similarly to SubPath but environment - variable references $(VAR_NAME) are expanded - using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath - are mutually exclusive. + which the container's... type: string required: - mountPath - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which - might be configured in the container image. Cannot - be updated. + description: Container's working directory. type: string required: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map dnsConfig: - description: Specifies the DNS parameters of a pod. Parameters - specified here will be merged to the generated DNS configuration - based on DNSPolicy. + description: Specifies the DNS parameters of a pod. properties: nameservers: - description: A list of DNS name server IP addresses. This - will be appended to the base nameservers generated from - DNSPolicy. Duplicated nameservers will be removed. + description: A list of DNS name server IP addresses. items: type: string type: array + x-kubernetes-list-type: atomic options: - description: A list of DNS resolver options. This will - be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options - given in Options will override those that appear in - the base DNSPolicy. + description: A list of DNS resolver options. items: description: PodDNSConfigOption defines DNS resolver options of a pod. properties: name: - description: Required. + description: |- + Name is this DNS resolver option's name. + Required. type: string value: + description: Value is this DNS resolver option's + value. type: string type: object type: array + x-kubernetes-list-type: atomic searches: description: A list of DNS search domains for host-name - lookup. This will be appended to the base search paths - generated from DNSPolicy. Duplicated search paths will - be removed. + lookup. items: type: string type: array + x-kubernetes-list-type: atomic type: object dnsPolicy: - description: Set DNS policy for the pod. Defaults to "ClusterFirst". - Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', - 'Default' or 'None'. DNS parameters given in DNSConfig will - be merged with the policy selected with DNSPolicy. To have - DNS options set along with hostNetwork, you have to specify - DNS policy explicitly to 'ClusterFirstWithHostNet'. + description: |- + Set DNS policy for the pod. + Defaults to "ClusterFirst". type: string enableServiceLinks: - description: 'EnableServiceLinks indicates whether information - about services should be injected into pod''s environment - variables, matching the syntax of Docker links. Optional: - Defaults to true.' + description: EnableServiceLinks indicates whether information + about services... type: boolean ephemeralContainers: description: List of ephemeral containers run in this pod. - Ephemeral containers may be run in an existing pod to perform - user-initiated actions such as debugging. This list cannot - be specified when creating a pod, and it cannot be modified - by updating the pod spec. In order to add an ephemeral container - to an existing pod, use the pod's ephemeralcontainers subresource. - This field is alpha-level and is only honored by servers - that enable the EphemeralContainers feature. items: - description: An EphemeralContainer is a container that may - be added temporarily to an existing pod for user-initiated - activities such as debugging. Ephemeral containers have - no resource or scheduling guarantees, and they will not - be restarted when they exit or when a pod is removed or - restarted. If an ephemeral container causes a pod to exceed - its resource allocation, the pod may be evicted. Ephemeral - containers may not be added by directly updating the pod - spec. They must be added via the pod's ephemeralcontainers - subresource, and they will appear in the pod spec once - added. This is an alpha feature enabled by the EphemeralContainers - feature flag. + description: An EphemeralContainer is a temporary container + that you may add... properties: args: - description: 'Arguments to the entrypoint. The docker - image''s CMD is used if this is not provided. Variable - references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the - reference in the input string will be unchanged. The - $(VAR_NAME) syntax can be escaped with a double $$, - ie: $$(VAR_NAME). Escaped references will never be - expanded, regardless of whether the variable exists - or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: Arguments to the entrypoint. items: type: string type: array + x-kubernetes-list-type: atomic command: - description: 'Entrypoint array. Not executed within - a shell. The docker image''s ENTRYPOINT is used if - this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If - a variable cannot be resolved, the reference in the - input string will be unchanged. The $(VAR_NAME) syntax - can be escaped with a double $$, ie: $$(VAR_NAME). - Escaped references will never be expanded, regardless - of whether the variable exists or not. Cannot be updated. - More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: Entrypoint array. Not executed within a + shell. items: type: string type: array + x-kubernetes-list-type: atomic env: description: List of environment variables to set in - the container. Cannot be updated. + the container. items: description: EnvVar represents an environment variable - present in a Container. + present in a... properties: name: description: Name of the environment variable. Must be a C_IDENTIFIER. type: string value: - description: 'Variable references $(VAR_NAME) - are expanded using the previous defined environment - variables in the container and any service environment - variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. - The $(VAR_NAME) syntax can be escaped with a - double $$, ie: $$(VAR_NAME). Escaped references - will never be expanded, regardless of whether - the variable exists or not. Defaults to "".' + description: |- + Variable references $(VAR_NAME) are expanded + using the... type: string valueFrom: description: Source for the environment variable's - value. Cannot be used if value is not empty. + value. properties: configMapKeyRef: description: Selects a key of a ConfigMap. @@ -2013,10 +1908,8 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string optional: description: Specify whether the ConfigMap @@ -2025,17 +1918,14 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: description: 'Selects a field of the pod: - supports metadata.name, metadata.namespace, - `metadata.labels['''']`, `metadata.annotations['''']`, - spec.nodeName, spec.serviceAccountName, - status.hostIP, status.podIP, status.podIPs.' + supports metadata.name, metadata.' properties: apiVersion: description: Version of the schema the - FieldPath is written in terms of, defaults - to "v1". + FieldPath is written in terms of,... type: string fieldPath: description: Path of the field to select @@ -2044,12 +1934,10 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, - requests.cpu, requests.memory and requests.ephemeral-storage) - are currently supported.' + only resources limits and...' properties: containerName: description: 'Container name: required @@ -2060,8 +1948,7 @@ spec: - type: integer - type: string description: Specifies the output format - of the exposed resources, defaults to - "1" + of the exposed resources, defaults... pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: @@ -2070,20 +1957,18 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace properties: key: description: The key of the secret to - select from. Must be a valid secret - key. + select from. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string optional: description: Specify whether the Secret @@ -2092,117 +1977,102 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: List of sources to populate environment - variables in the container. The keys defined within - a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is - starting. When a key exists in multiple sources, the - value associated with the last source will take precedence. - Values defined by an Env with a duplicate key will - take precedence. Cannot be updated. + variables in the... items: description: EnvFromSource represents the source of - a set of ConfigMaps + a set of ConfigMaps or... properties: configMapRef: description: The ConfigMap to select from properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string optional: description: Specify whether the ConfigMap must be defined type: boolean type: object + x-kubernetes-map-type: atomic prefix: - description: An optional identifier to prepend - to each key in the ConfigMap. Must be a C_IDENTIFIER. + description: Optional text to prepend to the name + of each environment... type: string secretRef: description: The Secret to select from properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string optional: description: Specify whether the Secret must be defined type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: - description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images' + description: |- + Container image name. + More info: https://kubernetes. type: string imagePullPolicy: - description: 'Image pull policy. One of Always, Never, - IfNotPresent. Defaults to Always if :latest tag is - specified, or IfNotPresent otherwise. Cannot be updated. - More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. type: string lifecycle: description: Lifecycle is not allowed for ephemeral containers. properties: postStart: - description: 'PostStart is called immediately after - a container is created. If the handler fails, - the container is terminated and restarted according - to its restart policy. Other management of the - container blocks until the hook completes. More - info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: PostStart is called immediately after + a container is created. properties: exec: - description: One and only one of the following - should be specified. Exec specifies the action - to take. + description: Exec specifies a command to execute + in the container. properties: command: description: Command is the command line - to execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside - a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, - you need to explicitly call out to that - shell. Exit status of 0 is treated as - live/healthy and non-zero is unhealthy. + to execute inside the container,... items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: Host name to connect to, defaults - to the pod IP. You probably want to set - "Host" in httpHeaders instead. + to the pod IP. type: string httpHeaders: description: Custom headers to set in the - request. HTTP allows repeated headers. + request. items: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. type: string value: description: The header field value @@ -2212,6 +2082,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -2221,22 +2092,30 @@ spec: - type: integer - type: string description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + to access on the container. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object + sleep: + description: Sleep represents a duration that + the container should sleep. + properties: + seconds: + description: Seconds is the number of seconds + to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: - description: 'TCPSocket specifies an action - involving a TCP port. TCP hooks not yet supported - TODO: implement a realistic TCP lifecycle - hook' + description: Deprecated. properties: host: description: 'Optional: Host name to connect @@ -2247,68 +2126,45 @@ spec: - type: integer - type: string description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + to access on the container. x-kubernetes-int-or-string: true required: - port type: object type: object preStop: - description: 'PreStop is called immediately before - a container is terminated due to an API request - or management event such as liveness/startup probe - failure, preemption, resource contention, etc. - The handler is not called if the container crashes - or exits. The reason for termination is passed - to the handler. The Pod''s termination grace period - countdown begins before the PreStop hooked is - executed. Regardless of the outcome of the handler, - the container will eventually terminate within - the Pod''s termination grace period. Other management - of the container blocks until the hook completes - or until the termination grace period is reached. - More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: PreStop is called immediately before + a container is terminated... properties: exec: - description: One and only one of the following - should be specified. Exec specifies the action - to take. + description: Exec specifies a command to execute + in the container. properties: command: description: Command is the command line - to execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside - a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, - you need to explicitly call out to that - shell. Exit status of 0 is treated as - live/healthy and non-zero is unhealthy. + to execute inside the container,... items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: Host name to connect to, defaults - to the pod IP. You probably want to set - "Host" in httpHeaders instead. + to the pod IP. type: string httpHeaders: description: Custom headers to set in the - request. HTTP allows repeated headers. + request. items: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. type: string value: description: The header field value @@ -2318,6 +2174,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -2327,22 +2184,30 @@ spec: - type: integer - type: string description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + to access on the container. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object + sleep: + description: Sleep represents a duration that + the container should sleep. + properties: + seconds: + description: Seconds is the number of seconds + to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: - description: 'TCPSocket specifies an action - involving a TCP port. TCP hooks not yet supported - TODO: implement a realistic TCP lifecycle - hook' + description: Deprecated. properties: host: description: 'Optional: Host name to connect @@ -2353,60 +2218,68 @@ spec: - type: integer - type: string description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + to access on the container. x-kubernetes-int-or-string: true required: - port type: object type: object + stopSignal: + description: StopSignal defines which signal will + be sent to a container... + type: string type: object livenessProbe: description: Probes are not allowed for ephemeral containers. properties: exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. + description: Exec specifies a command to execute + in the container. properties: command: description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') in - the container's filesystem. The command is - simply exec'd, it is not run inside a shell, - so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is - treated as live/healthy and non-zero is unhealthy. + execute inside the container,... items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: Minimum consecutive failures for the - probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + probe to be considered... format: int32 type: integer + grpc: + description: GRPC specifies a GRPC HealthCheckRequest. + properties: + port: + description: Port number of the gRPC service. + format: int32 + type: integer + service: + default: "" + description: Service is the name of the service + to place in the gRPC... + type: string + required: + - port + type: object httpGet: - description: HTTPGet specifies the http request + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + to the pod IP. type: string httpHeaders: description: Custom headers to set in the request. - HTTP allows repeated headers. items: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. type: string value: description: The header field value @@ -2416,6 +2289,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2424,39 +2298,34 @@ spec: - type: integer - type: string description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + on the container. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to - the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Number of seconds after the container + has started before... format: int32 type: integer periodSeconds: description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is - 1. + probe. format: int32 type: integer successThreshold: description: Minimum consecutive successes for the - probe to be considered successful after having - failed. Defaults to 1. Must be 1 for liveness - and startup. Minimum value is 1. + probe to be considered... format: int32 type: integer tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: - implement a realistic TCP lifecycle hook' + description: TCPSocket specifies a connection to + a TCP port. properties: host: description: 'Optional: Host name to connect @@ -2467,23 +2336,25 @@ spec: - type: integer - type: string description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + on the container. x-kubernetes-int-or-string: true required: - port type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate... + format: int64 + type: integer timeoutSeconds: - description: 'Number of seconds after which the - probe times out. Defaults to 1 second. Minimum - value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Number of seconds after which the probe + times out. format: int32 type: integer type: object name: description: Name of the ephemeral container specified - as a DNS_LABEL. This name must be unique among all - containers, init containers and ephemeral containers. + as a DNS_LABEL. type: string ports: description: Ports are not allowed for ephemeral containers. @@ -2493,8 +2364,7 @@ spec: properties: containerPort: description: Number of port to expose on the pod's - IP address. This must be a valid port number, - 0 < x < 65536. + IP address. format: int32 type: integer hostIP: @@ -2503,72 +2373,77 @@ spec: type: string hostPort: description: Number of port to expose on the host. - If specified, this must be a valid port number, - 0 < x < 65536. If HostNetwork is specified, - this must match ContainerPort. Most containers - do not need this. format: int32 type: integer name: description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in - a pod must have a unique name. Name for the - port that can be referred to by services. + and unique within... type: string protocol: default: TCP - description: Protocol for port. Must be UDP, TCP, - or SCTP. Defaults to "TCP". + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". type: string required: - containerPort type: object type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map readinessProbe: description: Probes are not allowed for ephemeral containers. properties: exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. + description: Exec specifies a command to execute + in the container. properties: command: description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') in - the container's filesystem. The command is - simply exec'd, it is not run inside a shell, - so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is - treated as live/healthy and non-zero is unhealthy. + execute inside the container,... items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: Minimum consecutive failures for the - probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + probe to be considered... format: int32 type: integer + grpc: + description: GRPC specifies a GRPC HealthCheckRequest. + properties: + port: + description: Port number of the gRPC service. + format: int32 + type: integer + service: + default: "" + description: Service is the name of the service + to place in the gRPC... + type: string + required: + - port + type: object httpGet: - description: HTTPGet specifies the http request + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + to the pod IP. type: string httpHeaders: description: Custom headers to set in the request. - HTTP allows repeated headers. items: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. type: string value: description: The header field value @@ -2578,6 +2453,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2586,39 +2462,34 @@ spec: - type: integer - type: string description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + on the container. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to - the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Number of seconds after the container + has started before... format: int32 type: integer periodSeconds: description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is - 1. + probe. format: int32 type: integer successThreshold: description: Minimum consecutive successes for the - probe to be considered successful after having - failed. Defaults to 1. Must be 1 for liveness - and startup. Minimum value is 1. + probe to be considered... format: int32 type: integer tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: - implement a realistic TCP lifecycle hook' + description: TCPSocket specifies a connection to + a TCP port. properties: host: description: 'Optional: Host name to connect @@ -2629,24 +2500,68 @@ spec: - type: integer - type: string description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + on the container. x-kubernetes-int-or-string: true required: - port type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate... + format: int64 + type: integer timeoutSeconds: - description: 'Number of seconds after which the - probe times out. Defaults to 1 second. Minimum - value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Number of seconds after which the probe + times out. format: int32 type: integer type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents resource + resize policy for the... + properties: + resourceName: + description: Name of the resource to which this + resource resize policy... + type: string + restartPolicy: + description: Restart policy to apply when specified + resource is resized. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: description: Resources are not allowed for ephemeral - containers. Ephemeral containers use spare resources - already allocated to the pod. + containers. properties: + claims: + description: Claims lists the names of resources, + defined in spec. + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one + entry in pod.spec. + type: string + request: + description: Request is the name chosen for + a request in the referenced... + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: additionalProperties: anyOf: @@ -2654,8 +2569,8 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + description: Limits describes the maximum amount + of compute resources... type: object requests: additionalProperties: @@ -2664,30 +2579,40 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is - omitted for a container, it defaults to Limits - if that is explicitly specified, otherwise to - an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + description: Requests describes the minimum amount + of compute resources... type: object type: object + restartPolicy: + description: Restart policy for the container to manage + the restart behavior... + type: string securityContext: - description: SecurityContext is not allowed for ephemeral - containers. + description: 'Optional: SecurityContext defines the + security options the...' properties: allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls - whether a process can gain more privileges than - its parent process. This bool directly controls - if the no_new_privs flag will be set on the container - process. AllowPrivilegeEscalation is true always - when the container is: 1) run as Privileged 2) - has CAP_SYS_ADMIN' + description: AllowPrivilegeEscalation controls whether + a process can gain... type: boolean + appArmorProfile: + description: appArmorProfile is the AppArmor options + to use by this... + properties: + localhostProfile: + description: localhostProfile indicates a profile + loaded on the node that... + type: string + type: + description: type indicates which kind of AppArmor + profile will be applied. + type: string + required: + - type + type: object capabilities: description: The capabilities to add/drop when running - containers. Defaults to the default set of capabilities - granted by the container runtime. + containers. properties: add: description: Added capabilities @@ -2696,6 +2621,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -2703,59 +2629,36 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: - description: Run container in privileged mode. Processes - in privileged containers are essentially equivalent - to root on the host. Defaults to false. + description: Run container in privileged mode. type: boolean procMount: description: procMount denotes the type of proc - mount to use for the containers. The default is - DefaultProcMount which uses the container runtime - defaults for readonly paths and masked paths. - This requires the ProcMountType feature flag to - be enabled. + mount to use for the... type: string readOnlyRootFilesystem: description: Whether this container has a read-only - root filesystem. Default is false. + root filesystem. type: boolean runAsGroup: description: The GID to run the entrypoint of the - container process. Uses runtime default if unset. - May also be set in PodSecurityContext. If set - in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. + container process. format: int64 type: integer runAsNonRoot: description: Indicates that the container must run - as a non-root user. If true, the Kubelet will - validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start - the container if it does. If unset or false, no - such validation will be performed. May also be - set in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in - SecurityContext takes precedence. + as a non-root user. type: boolean runAsUser: description: The UID to run the entrypoint of the - container process. Defaults to user specified - in image metadata if unspecified. May also be - set in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in - SecurityContext takes precedence. + container process. format: int64 type: integer seLinuxOptions: description: The SELinux context to be applied to - the container. If unspecified, the container runtime - will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. + the container. properties: level: description: Level is SELinux level label that @@ -2776,55 +2679,38 @@ spec: type: object seccompProfile: description: The seccomp options to use by this - container. If seccomp options are provided at - both the pod & container level, the container - options override the pod options. + container. properties: localhostProfile: description: localhostProfile indicates a profile - defined in a file on the node should be used. - The profile must be preconfigured on the node - to work. Must be a descending path, relative - to the kubelet's configured seccomp profile - location. Must only be set if type is "Localhost". + defined in a file on the... type: string type: - description: "type indicates which kind of seccomp - profile will be applied. Valid options are: - \n Localhost - a profile defined in a file - on the node should be used. RuntimeDefault - - the container runtime default profile should - be used. Unconfined - no profile should be - applied." + description: type indicates which kind of seccomp + profile will be applied. type: string required: - type type: object windowsOptions: description: The Windows specific settings applied - to all containers. If unspecified, the options - from the PodSecurityContext will be used. If set - in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. + to all containers. properties: gmsaCredentialSpec: description: GMSACredentialSpec is where the - GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential - spec named by the GMSACredentialSpecName field. + GMSA admission webhook... type: string gmsaCredentialSpecName: description: GMSACredentialSpecName is the name - of the GMSA credential spec to use. + of the GMSA credential spec... type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host... + type: boolean runAsUserName: description: The UserName in Windows to run - the entrypoint of the container process. Defaults - to the user specified in image metadata if - unspecified. May also be set in PodSecurityContext. - If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. + the entrypoint of the container... type: string type: object type: object @@ -2832,47 +2718,53 @@ spec: description: Probes are not allowed for ephemeral containers. properties: exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. + description: Exec specifies a command to execute + in the container. properties: command: description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') in - the container's filesystem. The command is - simply exec'd, it is not run inside a shell, - so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is - treated as live/healthy and non-zero is unhealthy. + execute inside the container,... items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: Minimum consecutive failures for the - probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + probe to be considered... format: int32 type: integer + grpc: + description: GRPC specifies a GRPC HealthCheckRequest. + properties: + port: + description: Port number of the gRPC service. + format: int32 + type: integer + service: + default: "" + description: Service is the name of the service + to place in the gRPC... + type: string + required: + - port + type: object httpGet: - description: HTTPGet specifies the http request + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + to the pod IP. type: string httpHeaders: description: Custom headers to set in the request. - HTTP allows repeated headers. items: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. type: string value: description: The header field value @@ -2882,6 +2774,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2890,39 +2783,34 @@ spec: - type: integer - type: string description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + on the container. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to - the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Number of seconds after the container + has started before... format: int32 type: integer periodSeconds: description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is - 1. + probe. format: int32 type: integer successThreshold: description: Minimum consecutive successes for the - probe to be considered successful after having - failed. Defaults to 1. Must be 1 for liveness - and startup. Minimum value is 1. + probe to be considered... format: int32 type: integer tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: - implement a realistic TCP lifecycle hook' + description: TCPSocket specifies a connection to + a TCP port. properties: host: description: 'Optional: Host name to connect @@ -2933,85 +2821,56 @@ spec: - type: integer - type: string description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + on the container. x-kubernetes-int-or-string: true required: - port type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate... + format: int64 + type: integer timeoutSeconds: - description: 'Number of seconds after which the - probe times out. Defaults to 1 second. Minimum - value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Number of seconds after which the probe + times out. format: int32 type: integer type: object stdin: description: Whether this container should allocate - a buffer for stdin in the container runtime. If this - is not set, reads from stdin in the container will - always result in EOF. Default is false. + a buffer for stdin in... type: boolean stdinOnce: description: Whether the container runtime should close - the stdin channel after it has been opened by a single - attach. When stdin is true the stdin stream will remain - open across multiple attach sessions. If stdinOnce - is set to true, stdin is opened on container start, - is empty until the first client attaches to stdin, - and then remains open and accepts data until the client - disconnects, at which time stdin is closed and remains - closed until the container is restarted. If this flag - is false, a container processes that reads from stdin - will never receive an EOF. Default is false + the stdin channel... type: boolean targetContainerName: description: If set, the name of the container from - PodSpec that this ephemeral container targets. The - ephemeral container will be run in the namespaces - (IPC, PID, etc) of this container. If not set then - the ephemeral container is run in whatever namespaces - are shared for the pod. Note that the container runtime - must support this feature. + PodSpec that this... type: string terminationMessagePath: description: 'Optional: Path at which the file to which - the container''s termination message will be written - is mounted into the container''s filesystem. Message - written is intended to be brief final status, such - as an assertion failure message. Will be truncated - by the node if greater than 4096 bytes. The total - message length across all containers will be limited - to 12kb. Defaults to /dev/termination-log. Cannot - be updated.' + the container''s...' type: string terminationMessagePolicy: description: Indicate how the termination message should - be populated. File will use the contents of terminationMessagePath - to populate the container status message on both success - and failure. FallbackToLogsOnError will use the last - chunk of container log output if the termination message - file is empty and the container exited with an error. - The log output is limited to 2048 bytes or 80 lines, - whichever is smaller. Defaults to File. Cannot be - updated. + be populated. type: string tty: description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to be true. - Default is false. + a TTY for itself, also... type: boolean volumeDevices: description: volumeDevices is the list of block devices - to be used by the container. + to be used by the... items: description: volumeDevice describes a mapping of a - raw block device within a container. + raw block device within a... properties: devicePath: description: devicePath is the path inside of - the container that the device will be mapped - to. + the container that the device... type: string name: description: name must match the name of a persistentVolumeClaim @@ -3022,186 +2881,163 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: Pod volumes to mount into the container's - filesystem. Cannot be updated. + filesystem. items: description: VolumeMount describes a mounting of a Volume within a container. properties: mountPath: description: Path within the container at which - the volume should be mounted. Must not contain - ':'. + the volume should be mounted. type: string mountPropagation: description: mountPropagation determines how mounts - are propagated from the host to container and - the other way around. When not set, MountPropagationNone - is used. This field is beta in 1.10. + are propagated from the... type: string name: description: This must match the Name of a Volume. type: string readOnly: description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults to - false. + otherwise (false or... type: boolean + recursiveReadOnly: + description: RecursiveReadOnly specifies whether + read-only mounts should be... + type: string subPath: description: Path within the volume from which - the container's volume should be mounted. Defaults - to "" (volume's root). + the container's volume should... type: string subPathExpr: description: Expanded path within the volume from - which the container's volume should be mounted. - Behaves similarly to SubPath but environment - variable references $(VAR_NAME) are expanded - using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath - are mutually exclusive. + which the container's... type: string required: - mountPath - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which - might be configured in the container image. Cannot - be updated. + description: Container's working directory. type: string required: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map hostAliases: description: HostAliases is an optional list of hosts and - IPs that will be injected into the pod's hosts file if specified. - This is only valid for non-hostNetwork pods. + IPs that will be... items: description: HostAlias holds the mapping between IP and - hostnames that will be injected as an entry in the pod's - hosts file. + hostnames that will... properties: hostnames: description: Hostnames for the above IP address. items: type: string type: array + x-kubernetes-list-type: atomic ip: description: IP address of the host file entry. type: string + required: + - ip type: object type: array + x-kubernetes-list-map-keys: + - ip + x-kubernetes-list-type: map hostIPC: - description: 'Use the host''s ipc namespace. Optional: Default - to false.' + description: |- + Use the host's ipc namespace. + Optional: Default to false. type: boolean hostNetwork: - description: Host networking requested for this pod. Use the - host's network namespace. If this option is set, the ports - that will be used must be specified. Default to false. + description: Host networking requested for this pod. type: boolean hostPID: - description: 'Use the host''s pid namespace. Optional: Default - to false.' + description: |- + Use the host's pid namespace. + Optional: Default to false. + type: boolean + hostUsers: + description: |- + Use the host's user namespace. + Optional: Default to true. type: boolean hostname: - description: Specifies the hostname of the Pod If not specified, - the pod's hostname will be set to a system-defined value. + description: |- + Specifies the hostname of the Pod + If not specified, the pod's... type: string imagePullSecrets: - description: 'ImagePullSecrets is an optional list of references - to secrets in the same namespace to use for pulling any - of the images used by this PodSpec. If specified, these - secrets will be passed to individual puller implementations - for them to use. For example, in the case of docker, only - DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' + description: ImagePullSecrets is an optional list of references + to secrets... items: description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. + to let you... properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + default: "" + description: Name of the referent. type: string type: object + x-kubernetes-map-type: atomic type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map initContainers: - description: 'List of initialization containers belonging - to the pod. Init containers are executed in order prior - to containers being started. If any init container fails, - the pod is considered to have failed and is handled according - to its restartPolicy. The name for an init container or - normal container must be unique among all containers. Init - containers may not have Lifecycle actions, Readiness probes, - Liveness probes, or Startup probes. The resourceRequirements - of an init container are taken into account during scheduling - by finding the highest request/limit for each resource type, - and then using the max of of that value or the sum of the - normal containers. Limits are applied to init containers - in a similar fashion. Init containers cannot currently be - added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' + description: List of initialization containers belonging to + the pod. items: description: A single application container that you want - to run within a pod. + to run within a... properties: args: - description: 'Arguments to the entrypoint. The docker - image''s CMD is used if this is not provided. Variable - references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the - reference in the input string will be unchanged. The - $(VAR_NAME) syntax can be escaped with a double $$, - ie: $$(VAR_NAME). Escaped references will never be - expanded, regardless of whether the variable exists - or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: Arguments to the entrypoint. items: type: string type: array + x-kubernetes-list-type: atomic command: - description: 'Entrypoint array. Not executed within - a shell. The docker image''s ENTRYPOINT is used if - this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If - a variable cannot be resolved, the reference in the - input string will be unchanged. The $(VAR_NAME) syntax - can be escaped with a double $$, ie: $$(VAR_NAME). - Escaped references will never be expanded, regardless - of whether the variable exists or not. Cannot be updated. - More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + description: Entrypoint array. Not executed within a + shell. items: type: string type: array + x-kubernetes-list-type: atomic env: description: List of environment variables to set in - the container. Cannot be updated. + the container. items: description: EnvVar represents an environment variable - present in a Container. + present in a... properties: name: description: Name of the environment variable. Must be a C_IDENTIFIER. type: string value: - description: 'Variable references $(VAR_NAME) - are expanded using the previous defined environment - variables in the container and any service environment - variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. - The $(VAR_NAME) syntax can be escaped with a - double $$, ie: $$(VAR_NAME). Escaped references - will never be expanded, regardless of whether - the variable exists or not. Defaults to "".' + description: |- + Variable references $(VAR_NAME) are expanded + using the... type: string valueFrom: description: Source for the environment variable's - value. Cannot be used if value is not empty. + value. properties: configMapKeyRef: description: Selects a key of a ConfigMap. @@ -3210,10 +3046,8 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string optional: description: Specify whether the ConfigMap @@ -3222,17 +3056,14 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: description: 'Selects a field of the pod: - supports metadata.name, metadata.namespace, - `metadata.labels['''']`, `metadata.annotations['''']`, - spec.nodeName, spec.serviceAccountName, - status.hostIP, status.podIP, status.podIPs.' + supports metadata.name, metadata.' properties: apiVersion: description: Version of the schema the - FieldPath is written in terms of, defaults - to "v1". + FieldPath is written in terms of,... type: string fieldPath: description: Path of the field to select @@ -3241,12 +3072,10 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, - requests.cpu, requests.memory and requests.ephemeral-storage) - are currently supported.' + only resources limits and...' properties: containerName: description: 'Container name: required @@ -3257,8 +3086,7 @@ spec: - type: integer - type: string description: Specifies the output format - of the exposed resources, defaults to - "1" + of the exposed resources, defaults... pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: @@ -3267,20 +3095,18 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace properties: key: description: The key of the secret to - select from. Must be a valid secret - key. + select from. type: string name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string optional: description: Specify whether the Secret @@ -3289,121 +3115,102 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: List of sources to populate environment - variables in the container. The keys defined within - a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is - starting. When a key exists in multiple sources, the - value associated with the last source will take precedence. - Values defined by an Env with a duplicate key will - take precedence. Cannot be updated. + variables in the... items: description: EnvFromSource represents the source of - a set of ConfigMaps + a set of ConfigMaps or... properties: configMapRef: description: The ConfigMap to select from properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string optional: description: Specify whether the ConfigMap must be defined type: boolean type: object + x-kubernetes-map-type: atomic prefix: - description: An optional identifier to prepend - to each key in the ConfigMap. Must be a C_IDENTIFIER. + description: Optional text to prepend to the name + of each environment... type: string secretRef: description: The Secret to select from properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string optional: description: Specify whether the Secret must be defined type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: - description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config - management to default or override container images - in workload controllers like Deployments and StatefulSets.' + description: |- + Container image name. + More info: https://kubernetes. type: string imagePullPolicy: - description: 'Image pull policy. One of Always, Never, - IfNotPresent. Defaults to Always if :latest tag is - specified, or IfNotPresent otherwise. Cannot be updated. - More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. type: string lifecycle: description: Actions that the management system should - take in response to container lifecycle events. Cannot - be updated. + take in response to... properties: postStart: - description: 'PostStart is called immediately after - a container is created. If the handler fails, - the container is terminated and restarted according - to its restart policy. Other management of the - container blocks until the hook completes. More - info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: PostStart is called immediately after + a container is created. properties: exec: - description: One and only one of the following - should be specified. Exec specifies the action - to take. + description: Exec specifies a command to execute + in the container. properties: command: description: Command is the command line - to execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside - a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, - you need to explicitly call out to that - shell. Exit status of 0 is treated as - live/healthy and non-zero is unhealthy. + to execute inside the container,... items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: Host name to connect to, defaults - to the pod IP. You probably want to set - "Host" in httpHeaders instead. + to the pod IP. type: string httpHeaders: description: Custom headers to set in the - request. HTTP allows repeated headers. + request. items: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. type: string value: description: The header field value @@ -3413,6 +3220,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -3422,22 +3230,30 @@ spec: - type: integer - type: string description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + to access on the container. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object + sleep: + description: Sleep represents a duration that + the container should sleep. + properties: + seconds: + description: Seconds is the number of seconds + to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: - description: 'TCPSocket specifies an action - involving a TCP port. TCP hooks not yet supported - TODO: implement a realistic TCP lifecycle - hook' + description: Deprecated. properties: host: description: 'Optional: Host name to connect @@ -3448,68 +3264,45 @@ spec: - type: integer - type: string description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + to access on the container. x-kubernetes-int-or-string: true required: - port type: object type: object preStop: - description: 'PreStop is called immediately before - a container is terminated due to an API request - or management event such as liveness/startup probe - failure, preemption, resource contention, etc. - The handler is not called if the container crashes - or exits. The reason for termination is passed - to the handler. The Pod''s termination grace period - countdown begins before the PreStop hooked is - executed. Regardless of the outcome of the handler, - the container will eventually terminate within - the Pod''s termination grace period. Other management - of the container blocks until the hook completes - or until the termination grace period is reached. - More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + description: PreStop is called immediately before + a container is terminated... properties: exec: - description: One and only one of the following - should be specified. Exec specifies the action - to take. + description: Exec specifies a command to execute + in the container. properties: command: description: Command is the command line - to execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside - a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, - you need to explicitly call out to that - shell. Exit status of 0 is treated as - live/healthy and non-zero is unhealthy. + to execute inside the container,... items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: Host name to connect to, defaults - to the pod IP. You probably want to set - "Host" in httpHeaders instead. + to the pod IP. type: string httpHeaders: description: Custom headers to set in the - request. HTTP allows repeated headers. + request. items: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. type: string value: description: The header field value @@ -3519,6 +3312,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -3528,22 +3322,30 @@ spec: - type: integer - type: string description: Name or number of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + to access on the container. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object + sleep: + description: Sleep represents a duration that + the container should sleep. + properties: + seconds: + description: Seconds is the number of seconds + to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: - description: 'TCPSocket specifies an action - involving a TCP port. TCP hooks not yet supported - TODO: implement a realistic TCP lifecycle - hook' + description: Deprecated. properties: host: description: 'Optional: Host name to connect @@ -3554,62 +3356,68 @@ spec: - type: integer - type: string description: Number or name of the port - to access on the container. Number must - be in the range 1 to 65535. Name must - be an IANA_SVC_NAME. + to access on the container. x-kubernetes-int-or-string: true required: - port type: object type: object + stopSignal: + description: StopSignal defines which signal will + be sent to a container... + type: string type: object livenessProbe: - description: 'Periodic probe of container liveness. - Container will be restarted if the probe fails. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Periodic probe of container liveness. properties: exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. + description: Exec specifies a command to execute + in the container. properties: command: description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') in - the container's filesystem. The command is - simply exec'd, it is not run inside a shell, - so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is - treated as live/healthy and non-zero is unhealthy. + execute inside the container,... items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: Minimum consecutive failures for the - probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + probe to be considered... format: int32 type: integer + grpc: + description: GRPC specifies a GRPC HealthCheckRequest. + properties: + port: + description: Port number of the gRPC service. + format: int32 + type: integer + service: + default: "" + description: Service is the name of the service + to place in the gRPC... + type: string + required: + - port + type: object httpGet: - description: HTTPGet specifies the http request + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + to the pod IP. type: string httpHeaders: description: Custom headers to set in the request. - HTTP allows repeated headers. items: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. type: string value: description: The header field value @@ -3619,6 +3427,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3627,39 +3436,34 @@ spec: - type: integer - type: string description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + on the container. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to - the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Number of seconds after the container + has started before... format: int32 type: integer periodSeconds: description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is - 1. + probe. format: int32 type: integer successThreshold: description: Minimum consecutive successes for the - probe to be considered successful after having - failed. Defaults to 1. Must be 1 for liveness - and startup. Minimum value is 1. + probe to be considered... format: int32 type: integer tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: - implement a realistic TCP lifecycle hook' + description: TCPSocket specifies a connection to + a TCP port. properties: host: description: 'Optional: Host name to connect @@ -3670,41 +3474,34 @@ spec: - type: integer - type: string description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + on the container. x-kubernetes-int-or-string: true required: - port type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate... + format: int64 + type: integer timeoutSeconds: - description: 'Number of seconds after which the - probe times out. Defaults to 1 second. Minimum - value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Number of seconds after which the probe + times out. format: int32 type: integer type: object name: description: Name of the container specified as a DNS_LABEL. - Each container in a pod must have a unique name (DNS_LABEL). - Cannot be updated. type: string ports: description: List of ports to expose from the container. - Exposing a port here gives the system additional information - about the network connections a container uses, but - is primarily informational. Not specifying a port - here DOES NOT prevent that port from being exposed. - Any port which is listening on the default "0.0.0.0" - address inside a container will be accessible from - the network. Cannot be updated. items: description: ContainerPort represents a network port in a single container. properties: containerPort: description: Number of port to expose on the pod's - IP address. This must be a valid port number, - 0 < x < 65536. + IP address. format: int32 type: integer hostIP: @@ -3713,22 +3510,17 @@ spec: type: string hostPort: description: Number of port to expose on the host. - If specified, this must be a valid port number, - 0 < x < 65536. If HostNetwork is specified, - this must match ContainerPort. Most containers - do not need this. format: int32 type: integer name: description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in - a pod must have a unique name. Name for the - port that can be referred to by services. + and unique within... type: string protocol: default: TCP - description: Protocol for port. Must be UDP, TCP, - or SCTP. Defaults to "TCP". + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". type: string required: - containerPort @@ -3739,52 +3531,56 @@ spec: - protocol x-kubernetes-list-type: map readinessProbe: - description: 'Periodic probe of container service readiness. - Container will be removed from service endpoints if - the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Periodic probe of container service readiness. properties: exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. + description: Exec specifies a command to execute + in the container. properties: command: description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') in - the container's filesystem. The command is - simply exec'd, it is not run inside a shell, - so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is - treated as live/healthy and non-zero is unhealthy. + execute inside the container,... items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: Minimum consecutive failures for the - probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + probe to be considered... format: int32 type: integer + grpc: + description: GRPC specifies a GRPC HealthCheckRequest. + properties: + port: + description: Port number of the gRPC service. + format: int32 + type: integer + service: + default: "" + description: Service is the name of the service + to place in the gRPC... + type: string + required: + - port + type: object httpGet: - description: HTTPGet specifies the http request + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + to the pod IP. type: string httpHeaders: description: Custom headers to set in the request. - HTTP allows repeated headers. items: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. type: string value: description: The header field value @@ -3794,6 +3590,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3802,39 +3599,34 @@ spec: - type: integer - type: string description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + on the container. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to - the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Number of seconds after the container + has started before... format: int32 type: integer periodSeconds: description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is - 1. + probe. format: int32 type: integer successThreshold: description: Minimum consecutive successes for the - probe to be considered successful after having - failed. Defaults to 1. Must be 1 for liveness - and startup. Minimum value is 1. + probe to be considered... format: int32 type: integer tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: - implement a realistic TCP lifecycle hook' + description: TCPSocket specifies a connection to + a TCP port. properties: host: description: 'Optional: Host name to connect @@ -3845,23 +3637,69 @@ spec: - type: integer - type: string description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + on the container. x-kubernetes-int-or-string: true required: - port type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate... + format: int64 + type: integer timeoutSeconds: - description: 'Number of seconds after which the - probe times out. Defaults to 1 second. Minimum - value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Number of seconds after which the probe + times out. format: int32 type: integer type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents resource + resize policy for the... + properties: + resourceName: + description: Name of the resource to which this + resource resize policy... + type: string + restartPolicy: + description: Restart policy to apply when specified + resource is resized. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: - description: 'Compute Resources required by this container. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + description: |- + Compute Resources required by this container. + Cannot be updated. properties: + claims: + description: Claims lists the names of resources, + defined in spec. + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one + entry in pod.spec. + type: string + request: + description: Request is the name chosen for + a request in the referenced... + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: additionalProperties: anyOf: @@ -3869,8 +3707,8 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + description: Limits describes the maximum amount + of compute resources... type: object requests: additionalProperties: @@ -3879,31 +3717,40 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is - omitted for a container, it defaults to Limits - if that is explicitly specified, otherwise to - an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + description: Requests describes the minimum amount + of compute resources... type: object type: object + restartPolicy: + description: RestartPolicy defines the restart behavior + of individual... + type: string securityContext: - description: 'Security options the pod should run with. - More info: https://kubernetes.io/docs/concepts/policy/security-context/ - More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + description: SecurityContext defines the security options + the container... properties: allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls - whether a process can gain more privileges than - its parent process. This bool directly controls - if the no_new_privs flag will be set on the container - process. AllowPrivilegeEscalation is true always - when the container is: 1) run as Privileged 2) - has CAP_SYS_ADMIN' + description: AllowPrivilegeEscalation controls whether + a process can gain... type: boolean + appArmorProfile: + description: appArmorProfile is the AppArmor options + to use by this... + properties: + localhostProfile: + description: localhostProfile indicates a profile + loaded on the node that... + type: string + type: + description: type indicates which kind of AppArmor + profile will be applied. + type: string + required: + - type + type: object capabilities: description: The capabilities to add/drop when running - containers. Defaults to the default set of capabilities - granted by the container runtime. + containers. properties: add: description: Added capabilities @@ -3912,6 +3759,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -3919,59 +3767,36 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: - description: Run container in privileged mode. Processes - in privileged containers are essentially equivalent - to root on the host. Defaults to false. + description: Run container in privileged mode. type: boolean procMount: description: procMount denotes the type of proc - mount to use for the containers. The default is - DefaultProcMount which uses the container runtime - defaults for readonly paths and masked paths. - This requires the ProcMountType feature flag to - be enabled. + mount to use for the... type: string readOnlyRootFilesystem: description: Whether this container has a read-only - root filesystem. Default is false. + root filesystem. type: boolean runAsGroup: description: The GID to run the entrypoint of the - container process. Uses runtime default if unset. - May also be set in PodSecurityContext. If set - in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. + container process. format: int64 type: integer runAsNonRoot: description: Indicates that the container must run - as a non-root user. If true, the Kubelet will - validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start - the container if it does. If unset or false, no - such validation will be performed. May also be - set in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in - SecurityContext takes precedence. + as a non-root user. type: boolean runAsUser: description: The UID to run the entrypoint of the - container process. Defaults to user specified - in image metadata if unspecified. May also be - set in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in - SecurityContext takes precedence. + container process. format: int64 type: integer seLinuxOptions: description: The SELinux context to be applied to - the container. If unspecified, the container runtime - will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. + the container. properties: level: description: Level is SELinux level label that @@ -3992,111 +3817,93 @@ spec: type: object seccompProfile: description: The seccomp options to use by this - container. If seccomp options are provided at - both the pod & container level, the container - options override the pod options. + container. properties: localhostProfile: description: localhostProfile indicates a profile - defined in a file on the node should be used. - The profile must be preconfigured on the node - to work. Must be a descending path, relative - to the kubelet's configured seccomp profile - location. Must only be set if type is "Localhost". + defined in a file on the... type: string type: - description: "type indicates which kind of seccomp - profile will be applied. Valid options are: - \n Localhost - a profile defined in a file - on the node should be used. RuntimeDefault - - the container runtime default profile should - be used. Unconfined - no profile should be - applied." + description: type indicates which kind of seccomp + profile will be applied. type: string required: - type type: object windowsOptions: description: The Windows specific settings applied - to all containers. If unspecified, the options - from the PodSecurityContext will be used. If set - in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. + to all containers. properties: gmsaCredentialSpec: description: GMSACredentialSpec is where the - GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential - spec named by the GMSACredentialSpecName field. + GMSA admission webhook... type: string gmsaCredentialSpecName: description: GMSACredentialSpecName is the name - of the GMSA credential spec to use. + of the GMSA credential spec... type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host... + type: boolean runAsUserName: description: The UserName in Windows to run - the entrypoint of the container process. Defaults - to the user specified in image metadata if - unspecified. May also be set in PodSecurityContext. - If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. + the entrypoint of the container... type: string type: object type: object startupProbe: - description: 'StartupProbe indicates that the Pod has - successfully initialized. If specified, no other probes - are executed until this completes successfully. If - this probe fails, the Pod will be restarted, just - as if the livenessProbe failed. This can be used to - provide different probe parameters at the beginning - of a Pod''s lifecycle, when it might take a long time - to load data or warm a cache, than during steady-state - operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: StartupProbe indicates that the Pod has + successfully... properties: exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. + description: Exec specifies a command to execute + in the container. properties: command: description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') in - the container's filesystem. The command is - simply exec'd, it is not run inside a shell, - so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is - treated as live/healthy and non-zero is unhealthy. + execute inside the container,... items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: Minimum consecutive failures for the - probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + probe to be considered... format: int32 type: integer + grpc: + description: GRPC specifies a GRPC HealthCheckRequest. + properties: + port: + description: Port number of the gRPC service. + format: int32 + type: integer + service: + default: "" + description: Service is the name of the service + to place in the gRPC... + type: string + required: + - port + type: object httpGet: - description: HTTPGet specifies the http request + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. + to the pod IP. type: string httpHeaders: description: Custom headers to set in the request. - HTTP allows repeated headers. items: description: HTTPHeader describes a custom header to be used in HTTP probes properties: name: - description: The header field name + description: The header field name. type: string value: description: The header field value @@ -4106,6 +3913,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4114,39 +3922,34 @@ spec: - type: integer - type: string description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + on the container. x-kubernetes-int-or-string: true scheme: - description: Scheme to use for connecting to - the host. Defaults to HTTP. + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - port type: object initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Number of seconds after the container + has started before... format: int32 type: integer periodSeconds: description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is - 1. + probe. format: int32 type: integer successThreshold: description: Minimum consecutive successes for the - probe to be considered successful after having - failed. Defaults to 1. Must be 1 for liveness - and startup. Minimum value is 1. + probe to be considered... format: int32 type: integer tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: - implement a realistic TCP lifecycle hook' + description: TCPSocket specifies a connection to + a TCP port. properties: host: description: 'Optional: Host name to connect @@ -4157,76 +3960,52 @@ spec: - type: integer - type: string description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. + on the container. x-kubernetes-int-or-string: true required: - port type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod + needs to terminate... + format: int64 + type: integer timeoutSeconds: - description: 'Number of seconds after which the - probe times out. Defaults to 1 second. Minimum - value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + description: Number of seconds after which the probe + times out. format: int32 type: integer type: object stdin: description: Whether this container should allocate - a buffer for stdin in the container runtime. If this - is not set, reads from stdin in the container will - always result in EOF. Default is false. + a buffer for stdin in... type: boolean stdinOnce: description: Whether the container runtime should close - the stdin channel after it has been opened by a single - attach. When stdin is true the stdin stream will remain - open across multiple attach sessions. If stdinOnce - is set to true, stdin is opened on container start, - is empty until the first client attaches to stdin, - and then remains open and accepts data until the client - disconnects, at which time stdin is closed and remains - closed until the container is restarted. If this flag - is false, a container processes that reads from stdin - will never receive an EOF. Default is false + the stdin channel... type: boolean terminationMessagePath: description: 'Optional: Path at which the file to which - the container''s termination message will be written - is mounted into the container''s filesystem. Message - written is intended to be brief final status, such - as an assertion failure message. Will be truncated - by the node if greater than 4096 bytes. The total - message length across all containers will be limited - to 12kb. Defaults to /dev/termination-log. Cannot - be updated.' + the container''s...' type: string terminationMessagePolicy: description: Indicate how the termination message should - be populated. File will use the contents of terminationMessagePath - to populate the container status message on both success - and failure. FallbackToLogsOnError will use the last - chunk of container log output if the termination message - file is empty and the container exited with an error. - The log output is limited to 2048 bytes or 80 lines, - whichever is smaller. Defaults to File. Cannot be - updated. + be populated. type: string tty: description: Whether this container should allocate - a TTY for itself, also requires 'stdin' to be true. - Default is false. + a TTY for itself, also... type: boolean volumeDevices: description: volumeDevices is the list of block devices - to be used by the container. + to be used by the... items: description: volumeDevice describes a mapping of a - raw block device within a container. + raw block device within a... properties: devicePath: description: devicePath is the path inside of - the container that the device will be mapped - to. + the container that the device... type: string name: description: name must match the name of a persistentVolumeClaim @@ -4237,74 +4016,80 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: Pod volumes to mount into the container's - filesystem. Cannot be updated. + filesystem. items: description: VolumeMount describes a mounting of a Volume within a container. properties: mountPath: description: Path within the container at which - the volume should be mounted. Must not contain - ':'. + the volume should be mounted. type: string mountPropagation: description: mountPropagation determines how mounts - are propagated from the host to container and - the other way around. When not set, MountPropagationNone - is used. This field is beta in 1.10. + are propagated from the... type: string name: description: This must match the Name of a Volume. type: string readOnly: description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults to - false. + otherwise (false or... type: boolean + recursiveReadOnly: + description: RecursiveReadOnly specifies whether + read-only mounts should be... + type: string subPath: description: Path within the volume from which - the container's volume should be mounted. Defaults - to "" (volume's root). + the container's volume should... type: string subPathExpr: description: Expanded path within the volume from - which the container's volume should be mounted. - Behaves similarly to SubPath but environment - variable references $(VAR_NAME) are expanded - using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath - are mutually exclusive. + which the container's... type: string required: - mountPath - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which - might be configured in the container image. Cannot - be updated. + description: Container's working directory. type: string required: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map nodeName: - description: NodeName is a request to schedule this pod onto - a specific node. If it is non-empty, the scheduler simply - schedules this pod onto that node, assuming that it fits - resource requirements. + description: NodeName indicates in which node this pod is + scheduled. type: string nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true - for the pod to fit on a node. Selector which must match - a node''s labels for the pod to be scheduled on that node. - More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + description: NodeSelector is a selector which must be true + for the pod to... + type: object + x-kubernetes-map-type: atomic + os: + description: Specifies the OS of the containers in the pod. + properties: + name: + description: Name is the name of the operating system. + type: string + required: + - name type: object overhead: additionalProperties: @@ -4313,142 +4098,186 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Overhead represents the resource overhead associated - with running a pod for a given RuntimeClass. This field - will be autopopulated at admission time by the RuntimeClass - admission controller. If the RuntimeClass admission controller - is enabled, overhead must not be set in Pod create requests. - The RuntimeClass admission controller will reject Pod create - requests which have the overhead already set. If RuntimeClass - is configured and selected in the PodSpec, Overhead will - be set to the value defined in the corresponding RuntimeClass, - otherwise it will remain unset and treated as zero. More - info: https://git.k8s.io/enhancements/keps/sig-node/20190226-pod-overhead.md - This field is alpha-level as of Kubernetes v1.16, and is - only honored by servers that enable the PodOverhead feature.' + description: Overhead represents the resource overhead associated + with... type: object preemptionPolicy: description: PreemptionPolicy is the Policy for preempting - pods with lower priority. One of Never, PreemptLowerPriority. - Defaults to PreemptLowerPriority if unset. This field is - beta-level, gated by the NonPreemptingPriority feature-gate. + pods with lower... type: string priority: - description: The priority value. Various system components - use this field to find the priority of the pod. When Priority - Admission Controller is enabled, it prevents users from - setting this field. The admission controller populates this - field from PriorityClassName. The higher the value, the - higher the priority. + description: The priority value. format: int32 type: integer priorityClassName: - description: If specified, indicates the pod's priority. "system-node-critical" - and "system-cluster-critical" are two special keywords which - indicate the highest priorities with the former being the - highest priority. Any other name must be defined by creating - a PriorityClass object with that name. If not specified, - the pod priority will be default or zero if there is no - default. + description: If specified, indicates the pod's priority. type: string readinessGates: - description: 'If specified, all readiness gates will be evaluated - for pod readiness. A pod is ready when all its containers - are ready AND all conditions specified in the readiness - gates have status equal to "True" More info: https://git.k8s.io/enhancements/keps/sig-network/0007-pod-ready%2B%2B.md' + description: If specified, all readiness gates will be evaluated + for pod... items: description: PodReadinessGate contains the reference to a pod condition properties: conditionType: description: ConditionType refers to a condition in - the pod's condition list with matching type. + the pod's condition list... type: string required: - conditionType type: object type: array + x-kubernetes-list-type: atomic + resourceClaims: + description: ResourceClaims defines which ResourceClaims must + be allocated... + items: + description: PodResourceClaim references exactly one ResourceClaim, + either... + properties: + name: + description: Name uniquely identifies this resource + claim inside the pod. + type: string + resourceClaimName: + description: ResourceClaimName is the name of a ResourceClaim + object in the... + type: string + resourceClaimTemplateName: + description: ResourceClaimTemplateName is the name of + a... + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + resources: + description: Resources is the total amount of CPU and Memory + resources... + properties: + claims: + description: Claims lists the names of resources, defined + in spec. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec. + type: string + request: + description: Request is the name chosen for a request + in the referenced... + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Limits describes the maximum amount of compute + resources... + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Requests describes the minimum amount of + compute resources... + type: object + type: object restartPolicy: - description: 'Restart policy for all containers within the - pod. One of Always, OnFailure, Never. Default to Always. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy' + description: Restart policy for all containers within the + pod. type: string runtimeClassName: - description: 'RuntimeClassName refers to a RuntimeClass object - in the node.k8s.io group, which should be used to run this - pod. If no RuntimeClass resource matches the named class, - the pod will not be run. If unset or empty, the "legacy" - RuntimeClass will be used, which is an implicit class with - an empty definition that uses the default runtime handler. - More info: https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md - This is a beta feature as of Kubernetes v1.14.' + description: RuntimeClassName refers to a RuntimeClass object + in the node. type: string schedulerName: description: If specified, the pod will be dispatched by specified - scheduler. If not specified, the pod will be dispatched - by default scheduler. + scheduler. type: string + schedulingGates: + description: SchedulingGates is an opaque list of values that + if specified... + items: + description: PodSchedulingGate is associated to a Pod to + guard its... + properties: + name: + description: Name of the scheduling gate. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map securityContext: - description: 'SecurityContext holds pod-level security attributes - and common container settings. Optional: Defaults to empty. See - type description for default values of each field.' + description: SecurityContext holds pod-level security attributes + and common... properties: + appArmorProfile: + description: appArmorProfile is the AppArmor options to + use by the... + properties: + localhostProfile: + description: localhostProfile indicates a profile + loaded on the node that... + type: string + type: + description: type indicates which kind of AppArmor + profile will be applied. + type: string + required: + - type + type: object fsGroup: - description: "A special supplemental group that applies - to all containers in a pod. Some volume types allow - the Kubelet to change the ownership of that volume to - be owned by the pod: \n 1. The owning GID will be the - FSGroup 2. The setgid bit is set (new files created - in the volume will be owned by FSGroup) 3. The permission - bits are OR'd with rw-rw---- \n If unset, the Kubelet - will not modify the ownership and permissions of any - volume." + description: A special supplemental group that applies + to all containers in... format: int64 type: integer fsGroupChangePolicy: - description: 'fsGroupChangePolicy defines behavior of - changing ownership and permission of the volume before - being exposed inside Pod. This field will only apply - to volume types which support fsGroup based ownership(and - permissions). It will have no effect on ephemeral volume - types such as: secret, configmaps and emptydir. Valid - values are "OnRootMismatch" and "Always". If not specified, - "Always" is used.' + description: fsGroupChangePolicy defines behavior of changing + ownership and... type: string runAsGroup: description: The GID to run the entrypoint of the container - process. Uses runtime default if unset. May also be - set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. + process. format: int64 type: integer runAsNonRoot: description: Indicates that the container must run as - a non-root user. If true, the Kubelet will validate - the image at runtime to ensure that it does not run - as UID 0 (root) and fail to start the container if it - does. If unset or false, no such validation will be - performed. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. + a non-root user. type: boolean runAsUser: description: The UID to run the entrypoint of the container - process. Defaults to user specified in image metadata - if unspecified. May also be set in SecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence - for that container. + process. format: int64 type: integer + seLinuxChangePolicy: + description: seLinuxChangePolicy defines how the container's + SELinux label... + type: string seLinuxOptions: description: The SELinux context to be applied to all - containers. If unspecified, the container runtime will - allocate a random SELinux context for each container. May - also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. + containers. properties: level: description: Level is SELinux level label that applies @@ -4473,36 +4302,30 @@ spec: properties: localhostProfile: description: localhostProfile indicates a profile - defined in a file on the node should be used. The - profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's - configured seccomp profile location. Must only be - set if type is "Localhost". + defined in a file on the... type: string type: - description: "type indicates which kind of seccomp - profile will be applied. Valid options are: \n Localhost - - a profile defined in a file on the node should - be used. RuntimeDefault - the container runtime - default profile should be used. Unconfined - no - profile should be applied." + description: type indicates which kind of seccomp + profile will be applied. type: string required: - type type: object supplementalGroups: description: A list of groups applied to the first process - run in each container, in addition to the container's - primary GID. If unspecified, no groups will be added - to any container. + run in each... items: format: int64 type: integer type: array + x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + description: Defines how supplemental groups of the first + container... + type: string sysctls: description: Sysctls hold a list of namespaced sysctls - used for the pod. Pods with unsupported sysctls (by - the container runtime) might fail to launch. + used for the pod. items: description: Sysctl defines a kernel parameter to be set @@ -4518,143 +4341,100 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic windowsOptions: description: The Windows specific settings applied to - all containers. If unspecified, the options within a - container's SecurityContext will be used. If set in - both SecurityContext and PodSecurityContext, the value - specified in SecurityContext takes precedence. + all containers. properties: gmsaCredentialSpec: description: GMSACredentialSpec is where the GMSA - admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec - named by the GMSACredentialSpecName field. + admission webhook... type: string gmsaCredentialSpecName: description: GMSACredentialSpecName is the name of - the GMSA credential spec to use. + the GMSA credential spec... type: string + hostProcess: + description: HostProcess determines if a container + should be run as a 'Host... + type: boolean runAsUserName: description: The UserName in Windows to run the entrypoint - of the container process. Defaults to the user specified - in image metadata if unspecified. May also be set - in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. + of the container... type: string type: object type: object serviceAccount: - description: 'DeprecatedServiceAccount is a depreciated alias - for ServiceAccountName. Deprecated: Use serviceAccountName - instead.' + description: DeprecatedServiceAccount is a deprecated alias + for... type: string serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' + description: ServiceAccountName is the name of the ServiceAccount + to use to... type: string setHostnameAsFQDN: description: If true the pod's hostname will be configured - as the pod's FQDN, rather than the leaf name (the default). - In Linux containers, this means setting the FQDN in the - hostname field of the kernel (the nodename field of struct - utsname). In Windows containers, this means setting the - registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters - to FQDN. If a pod does not have FQDN, this has no effect. - Default to false. + as the pod's... type: boolean shareProcessNamespace: - description: 'Share a single process namespace between all - of the containers in a pod. When this is set containers - will be able to view and signal processes from other containers - in the same pod, and the first process in each container - will not be assigned PID 1. HostPID and ShareProcessNamespace - cannot both be set. Optional: Default to false.' + description: Share a single process namespace between all + of the containers... type: boolean subdomain: description: If specified, the fully qualified Pod hostname - will be "...svc.". If not specified, the pod will not have a domainname - at all. + will be... type: string terminationGracePeriodSeconds: description: Optional duration in seconds the pod needs to - terminate gracefully. May be decreased in delete request. - Value must be non-negative integer. The value zero indicates - delete immediately. If this value is nil, the default grace - period will be used instead. The grace period is the duration - in seconds after the processes running in the pod are sent - a termination signal and the time when the processes are - forcibly halted with a kill signal. Set this value longer - than the expected cleanup time for your process. Defaults - to 30 seconds. + terminate... format: int64 type: integer tolerations: description: If specified, the pod's tolerations. items: description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . + any taint that... properties: effect: description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. type: string key: description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. + applies to. type: string operator: description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. + to the value. type: string tolerationSeconds: description: TolerationSeconds represents the period - of time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. + of time the toleration... format: int64 type: integer value: description: Value is the taint value the toleration - matches to. If the operator is Exists, the value should - be empty, otherwise just a regular string. + matches to. type: string type: object type: array + x-kubernetes-list-type: atomic topologySpreadConstraints: description: TopologySpreadConstraints describes how a group - of pods ought to spread across topology domains. Scheduler - will schedule pods in a way which abides by the constraints. - All topologySpreadConstraints are ANDed. + of pods ought... items: description: TopologySpreadConstraint specifies how to spread - matching pods among the given topology. + matching pods... properties: labelSelector: description: LabelSelector is used to find matching - pods. Pods that match this label selector are counted - to determine the number of pods in their corresponding - topology domain. + pods. properties: matchExpressions: description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. + selector requirements. items: description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. + selector that contains... properties: key: description: key is the label key that the @@ -4662,80 +4442,60 @@ spec: type: string operator: description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. + to a set of values. type: string values: description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. + values. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. + pairs. type: object type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys + to select the pods... + items: + type: string + type: array + x-kubernetes-list-type: atomic maxSkew: - description: 'MaxSkew describes the degree to which - pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, - it is the maximum permitted difference between the - number of matching pods in the target topology and - the global minimum. For example, in a 3-zone cluster, - MaxSkew is set to 1, and pods with the same labelSelector - spread as 1/1/0: | zone1 | zone2 | zone3 | | P | P | | - - if MaxSkew is 1, incoming pod can only be scheduled - to zone3 to become 1/1/1; scheduling it onto zone1(zone2) - would make the ActualSkew(2-0) on zone1(zone2) violate - MaxSkew(1). - if MaxSkew is 2, incoming pod can be - scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, - it is used to give higher precedence to topologies - that satisfy it. It''s a required field. Default value - is 1 and 0 is not allowed.' + description: MaxSkew describes the degree to which pods + may be unevenly... format: int32 type: integer + minDomains: + description: MinDomains indicates a minimum number of + eligible domains. + format: int32 + type: integer + nodeAffinityPolicy: + description: NodeAffinityPolicy indicates how we will + treat Pod's... + type: string + nodeTaintsPolicy: + description: NodeTaintsPolicy indicates how we will + treat node taints when... + type: string topologyKey: description: TopologyKey is the key of node labels. - Nodes that have a label with this key and identical - values are considered to be in the same topology. - We consider each as a "bucket", and try - to put balanced number of pods into each bucket. It's - a required field. type: string whenUnsatisfiable: - description: 'WhenUnsatisfiable indicates how to deal - with a pod if it doesn''t satisfy the spread constraint. - - DoNotSchedule (default) tells the scheduler not - to schedule it. - ScheduleAnyway tells the scheduler - to schedule the pod in any location, but giving - higher precedence to topologies that would help reduce - the skew. A constraint is considered "Unsatisfiable" - for an incoming pod if and only if every possible - node assigment for that pod would violate "MaxSkew" - on some topology. For example, in a 3-zone cluster, - MaxSkew is set to 1, and pods with the same labelSelector - spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P - | P | P | If WhenUnsatisfiable is set to DoNotSchedule, - incoming pod can only be scheduled to zone2(zone3) - to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) - satisfies MaxSkew(1). In other words, the cluster - can still be imbalanced, but scheduler won''t make - it *more* imbalanced. It''s a required field.' + description: WhenUnsatisfiable indicates how to deal + with a pod if it... type: string required: - maxSkew @@ -4748,313 +4508,239 @@ spec: - whenUnsatisfiable x-kubernetes-list-type: map volumes: - description: 'List of volumes that can be mounted by containers - belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes' + description: List of volumes that can be mounted by containers + belonging to... items: description: Volume represents a named volume in a pod that - may be accessed by any container in the pod. + may be accessed... properties: awsElasticBlockStore: - description: 'AWSElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + description: awsElasticBlockStore represents an AWS + Disk resource that is... properties: fsType: - description: 'Filesystem type of the volume that - you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' + description: fsType is the filesystem type of the + volume that you want to... type: string partition: - description: 'The partition in the volume that you - want to mount. If omitted, the default is to mount - by volume name. Examples: For volume /dev/sda1, - you specify the partition as "1". Similarly, the - volume partition for /dev/sda is "0" (or you can - leave the property empty).' + description: partition is the partition in the volume + that you want to mount. format: int32 type: integer readOnly: - description: 'Specify "true" to force and set the - ReadOnly property in VolumeMounts to "true". If - omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + description: readOnly value true will force the + readOnly setting in... type: boolean volumeID: - description: 'Unique ID of the persistent disk resource - in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + description: volumeID is unique ID of the persistent + disk resource in AWS... type: string required: - volumeID type: object azureDisk: - description: AzureDisk represents an Azure Data Disk - mount on the host and bind mount to the pod. + description: azureDisk represents an Azure Data Disk + mount on the host and... properties: cachingMode: - description: 'Host Caching mode: None, Read Only, - Read Write.' + description: 'cachingMode is the Host Caching mode: + None, Read Only, Read...' type: string diskName: - description: The Name of the data disk in the blob - storage + description: diskName is the Name of the data disk + in the blob storage type: string diskURI: - description: The URI the data disk in the blob storage + description: diskURI is the URI of data disk in + the blob storage type: string fsType: - description: Filesystem type to mount. Must be a - filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. + default: ext4 + description: fsType is Filesystem type to mount. type: string kind: - description: 'Expected values Shared: multiple blob - disks per storage account Dedicated: single blob - disk per storage account Managed: azure managed - data disk (only in managed availability set). - defaults to shared' + description: 'kind expected values are Shared: multiple + blob disks per...' type: string readOnly: - description: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. + default: false + description: readOnly Defaults to false (read/write). type: boolean required: - diskName - diskURI type: object azureFile: - description: AzureFile represents an Azure File Service - mount on the host and bind mount to the pod. + description: azureFile represents an Azure File Service + mount on the host... properties: readOnly: - description: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. + description: readOnly defaults to false (read/write). type: boolean secretName: - description: the name of secret that contains Azure - Storage Account Name and Key + description: secretName is the name of secret that + contains Azure Storage... type: string shareName: - description: Share Name + description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: CephFS represents a Ceph FS mount on the - host that shares a pod's lifetime + description: cephFS represents a Ceph FS mount on the + host that shares a... properties: monitors: - description: 'Required: Monitors is a collection - of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: 'monitors is Required: Monitors is + a collection of Ceph monitors...' items: type: string type: array + x-kubernetes-list-type: atomic path: - description: 'Optional: Used as the mounted root, - rather than the full Ceph tree, default is /' + description: 'path is Optional: Used as the mounted + root, rather than the...' type: string readOnly: - description: 'Optional: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: 'readOnly is Optional: Defaults to + false (read/write).' type: boolean secretFile: - description: 'Optional: SecretFile is the path to - key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: 'secretFile is Optional: SecretFile + is the path to key ring for...' type: string secretRef: - description: 'Optional: SecretRef is reference to - the authentication secret for User, default is - empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: 'secretRef is Optional: SecretRef is + reference to the...' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string type: object + x-kubernetes-map-type: atomic user: - description: 'Optional: User is the rados user name, - default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: 'user is optional: User is the rados + user name, default is admin...' type: string required: - monitors type: object cinder: - description: 'Cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: cinder represents a cinder volume attached + and mounted on... properties: fsType: - description: 'Filesystem type to mount. Must be - a filesystem type supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://examples.k8s.io/mysql-cinder-pd/README.md' + description: fsType is the filesystem type to mount. type: string readOnly: - description: 'Optional: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: readOnly defaults to false (read/write). type: boolean secretRef: - description: 'Optional: points to a secret object - containing parameters used to connect to OpenStack.' + description: 'secretRef is optional: points to a + secret object containing...' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string type: object + x-kubernetes-map-type: atomic volumeID: - description: 'volume id used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: volumeID used to identify the volume + in cinder. type: string required: - volumeID type: object configMap: - description: ConfigMap represents a configMap that should - populate this volume + description: configMap represents a configMap that should + populate this... properties: defaultMode: - description: 'Optional: mode bits used to set permissions - on created files by default. Must be an octal - value between 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal values for - mode bits. Defaults to 0644. Directories within - the path are not affected by this setting. This - might be in conflict with other options that affect - the file mode, like fsGroup, and the result can - be other mode bits set.' + description: 'defaultMode is optional: mode bits + used to set permissions on...' format: int32 type: integer items: - description: If unspecified, each key-value pair - in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the ConfigMap, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. + description: items if unspecified, each key-value + pair in the Data field of... items: description: Maps a string key to a path within a volume. properties: key: - description: The key to project. + description: key is the key to project. type: string mode: - description: 'Optional: mode bits used to - set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires - decimal values for mode bits. If not specified, - the volume defaultMode will be used. This - might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits set.' + description: 'mode is Optional: mode bits + used to set permissions on this...' format: int32 type: integer path: - description: The relative path of the file - to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. + description: path is the relative path of + the file to map the key to. type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + default: "" + description: Name of the referent. type: string optional: - description: Specify whether the ConfigMap or its - keys must be defined + description: optional specify whether the ConfigMap + or its keys must be... type: boolean type: object + x-kubernetes-map-type: atomic csi: - description: CSI (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). + description: csi (Container Storage Interface) represents + ephemeral storage... properties: driver: - description: Driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. + description: driver is the name of the CSI driver + that handles this volume. type: string fsType: - description: Filesystem type to mount. Ex. "ext4", - "xfs", "ntfs". If not provided, the empty value - is passed to the associated CSI driver which will - determine the default filesystem to apply. + description: fsType to mount. Ex. "ext4", "xfs", + "ntfs". type: string nodePublishSecretRef: - description: NodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI - NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if no - secret is required. If the secret object contains - more than one secret, all secret references are - passed. + description: nodePublishSecretRef is a reference + to the secret object... properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string type: object + x-kubernetes-map-type: atomic readOnly: - description: Specifies a read-only configuration - for the volume. Defaults to false (read/write). + description: readOnly specifies a read-only configuration + for the volume. type: boolean volumeAttributes: additionalProperties: type: string - description: VolumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. + description: volumeAttributes stores driver-specific + properties that are... type: object required: - driver type: object downwardAPI: - description: DownwardAPI represents downward API about - the pod that should populate this volume + description: downwardAPI represents downward API about + the pod that should... properties: defaultMode: description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' + files by default.' format: int32 type: integer items: @@ -5062,18 +4748,15 @@ spec: file items: description: DownwardAPIVolumeFile represents - information to create the file containing the - pod field + information to create the file... properties: fieldRef: description: 'Required: Selects a field of - the pod: only annotations, labels, name - and namespace are supported.' + the pod: only annotations, labels,...' properties: apiVersion: description: Version of the schema the - FieldPath is written in terms of, defaults - to "v1". + FieldPath is written in terms of,... type: string fieldPath: description: Path of the field to select @@ -5082,31 +4765,19 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: description: 'Optional: mode bits used to - set permissions on this file, must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires - decimal values for mode bits. If not specified, - the volume defaultMode will be used. This - might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits set.' + set permissions on this file, must...' format: int32 type: integer path: description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of - the relative path must not start with ''..''' + path name of the file to be...' type: string resourceFieldRef: description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' + only resources limits and...' properties: containerName: description: 'Container name: required @@ -5117,8 +4788,7 @@ spec: - type: integer - type: string description: Specifies the output format - of the exposed resources, defaults to - "1" + of the exposed resources, defaults... pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: @@ -5127,92 +4797,41 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object emptyDir: - description: 'EmptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + description: emptyDir represents a temporary directory + that shares a pod's... properties: medium: - description: 'What type of storage medium should - back this directory. The default is "" which means - to use the node''s default medium. Must be an - empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + description: medium represents what type of storage + medium should back this... type: string sizeLimit: anyOf: - type: integer - type: string - description: 'Total amount of local storage required - for this EmptyDir volume. The size limit is also - applicable for memory medium. The maximum usage - on memory medium EmptyDir would be the minimum - value between the SizeLimit specified here and - the sum of memory limits of all containers in - a pod. The default is nil which means that the - limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + description: sizeLimit is the total amount of local + storage required for... pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "Ephemeral represents a volume that is - handled by a cluster storage driver (Alpha feature). - The volume's lifecycle is tied to the pod that defines - it - it will be created before the pod starts, and - deleted when the pod is removed. \n Use this if: a) - the volume is only needed while the pod runs, b) features - of normal volumes like restoring from snapshot or - capacity tracking are needed, c) the storage driver - is specified through a storage class, and d) the storage - driver supports dynamic volume provisioning through - \ a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between - this volume type and PersistentVolumeClaim). \n - Use PersistentVolumeClaim or one of the vendor-specific - APIs for volumes that persist for longer than the - lifecycle of an individual pod. \n Use CSI for light-weight - local ephemeral volumes if the CSI driver is meant - to be used that way - see the documentation of the - driver for more information. \n A pod can use both - types of ephemeral volumes and persistent volumes - at the same time." + description: ephemeral represents a volume that is handled + by a cluster... properties: - readOnly: - description: Specifies a read-only configuration - for the volume. Defaults to false (read/write). - type: boolean volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will be - the owner of the PVC, i.e. the PVC will be deleted - together with the pod. The name of the PVC will - be `-` where `` - is the name from the `PodSpec.Volumes` array entry. - Pod validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too - long). \n An existing PVC with that name that - is not owned by the pod will *not* be used for - the pod to avoid using an unrelated volume by - mistake. Starting the pod is then blocked until - the unrelated PVC is removed. If such a pre-created - PVC is meant to be used by the pod, the PVC has - to updated with an owner reference to the pod - once the pod exists. Normally this should not - be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." + description: Will be used to create a stand-alone + PVC to provision the... properties: metadata: description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. + that will be copied into the... properties: annotations: additionalProperties: @@ -5233,40 +4852,22 @@ spec: type: object spec: description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'AccessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + description: accessModes contains the desired + access modes the volume should... items: type: string type: array + x-kubernetes-list-type: atomic dataSource: - description: 'This field can be used to - specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - * An existing custom resource that implements - data population (Alpha) In order to use - custom resource types that implement data - population, the AnyVolumeDataSource feature - gate must be enabled. If the provisioner - or an external controller can support - the specified data source, it will create - a new volume based on the contents of - the specified data source.' + description: |- + dataSource field can be used to specify either: + * An existing... properties: apiGroup: description: APIGroup is the group for - the resource being referenced. If - APIGroup is not specified, the specified - Kind must be in the core API group. - For any other third-party types, APIGroup - is required. + the resource being referenced. type: string kind: description: Kind is the type of resource @@ -5280,10 +4881,35 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: dataSourceRef specifies the + object from which to populate the... + properties: + apiGroup: + description: APIGroup is the group for + the resource being referenced. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note... + type: string + required: + - kind + - name + type: object resources: - description: 'Resources represents the minimum - resources the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + description: resources represents the minimum + resources the volume should... properties: limits: additionalProperties: @@ -5292,9 +4918,8 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + description: Limits describes the maximum + amount of compute resources... type: object requests: additionalProperties: @@ -5303,28 +4928,20 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted for - a container, it defaults to Limits - if that is explicitly specified, otherwise - to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + description: Requests describes the + minimum amount of compute resources... type: object type: object selector: - description: A label query over volumes - to consider for binding. + description: selector is a label query over + volumes to consider for binding. properties: matchExpressions: description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. + of label selector requirements. items: description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + is a selector that contains... properties: key: description: key is the label @@ -5334,52 +4951,44 @@ spec: operator: description: operator represents a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. + of values. type: string values: description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - This array is replaced during - a strategic merge patch. + of string values. items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: matchLabels is a map of - {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. + {key,value} pairs. type: object type: object + x-kubernetes-map-type: atomic storageClassName: - description: 'Name of the StorageClass required - by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + description: storageClassName is the name + of the StorageClass required by... + type: string + volumeAttributesClassName: + description: volumeAttributesClassName may + be used to set the... type: string volumeMode: description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. + of volume is required by the claim. type: string volumeName: - description: VolumeName is the binding reference - to the PersistentVolume backing this claim. + description: volumeName is the binding reference + to the PersistentVolume... type: string type: object required: @@ -5387,272 +4996,227 @@ spec: type: object type: object fc: - description: FC represents a Fibre Channel resource - that is attached to a kubelet's host machine and then - exposed to the pod. + description: fc represents a Fibre Channel resource + that is attached to a... properties: fsType: - description: 'Filesystem type to mount. Must be - a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' + description: fsType is the filesystem type to mount. type: string lun: - description: 'Optional: FC target lun number' + description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'Optional: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts.' + description: 'readOnly is Optional: Defaults to + false (read/write).' type: boolean targetWWNs: - description: 'Optional: FC target worldwide names - (WWNs)' + description: 'targetWWNs is Optional: FC target + worldwide names (WWNs)' items: type: string type: array + x-kubernetes-list-type: atomic wwids: - description: 'Optional: FC volume world wide identifiers - (wwids) Either wwids or combination of targetWWNs - and lun must be set, but not both simultaneously.' + description: |- + wwids Optional: FC volume world wide identifiers (wwids) + Either... items: type: string type: array + x-kubernetes-list-type: atomic type: object flexVolume: - description: FlexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. + description: flexVolume represents a generic volume + resource that is... properties: driver: - description: Driver is the name of the driver to + description: driver is the name of the driver to use for this volume. type: string fsType: - description: Filesystem type to mount. Must be a - filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". The default - filesystem depends on FlexVolume script. + description: fsType is the filesystem type to mount. type: string options: additionalProperties: type: string - description: 'Optional: Extra command options if - any.' + description: 'options is Optional: this field holds + extra command options if...' type: object readOnly: - description: 'Optional: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts.' + description: 'readOnly is Optional: defaults to + false (read/write).' type: boolean secretRef: - description: 'Optional: SecretRef is reference to - the secret object containing sensitive information - to pass to the plugin scripts. This may be empty - if no secret object is specified. If the secret - object contains more than one secret, all secrets - are passed to the plugin scripts.' + description: 'secretRef is Optional: secretRef is + reference to the secret...' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string type: object + x-kubernetes-map-type: atomic required: - driver type: object flocker: - description: Flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running + description: flocker represents a Flocker volume attached + to a kubelet's... properties: datasetName: - description: Name of the dataset stored as metadata - -> name on the dataset for Flocker should be considered - as deprecated + description: datasetName is Name of the dataset + stored as metadata -> name... type: string datasetUUID: - description: UUID of the dataset. This is unique - identifier of a Flocker dataset + description: datasetUUID is the UUID of the dataset. type: string type: object gcePersistentDisk: - description: 'GCEPersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: gcePersistentDisk represents a GCE Disk + resource that is... properties: fsType: - description: 'Filesystem type of the volume that - you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' + description: fsType is filesystem type of the volume + that you want to mount. type: string partition: - description: 'The partition in the volume that you - want to mount. If omitted, the default is to mount - by volume name. Examples: For volume /dev/sda1, - you specify the partition as "1". Similarly, the - volume partition for /dev/sda is "0" (or you can - leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: partition is the partition in the volume + that you want to mount. format: int32 type: integer pdName: - description: 'Unique name of the PD resource in - GCE. Used to identify the disk in GCE. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: pdName is unique name of the PD resource + in GCE. type: string readOnly: - description: 'ReadOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: readOnly here will force the ReadOnly + setting in VolumeMounts. type: boolean required: - pdName type: object gitRepo: - description: 'GitRepo represents a git repository at - a particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an - EmptyDir into an InitContainer that clones the repo - using git, then mount the EmptyDir into the Pod''s - container.' + description: gitRepo represents a git repository at + a particular revision. properties: directory: - description: Target directory name. Must not contain - or start with '..'. If '.' is supplied, the volume - directory will be the git repository. Otherwise, - if specified, the volume will contain the git - repository in the subdirectory with the given - name. + description: directory is the target directory name. type: string repository: - description: Repository URL + description: repository is the URL type: string revision: - description: Commit hash for the specified revision. + description: revision is the commit hash for the + specified revision. type: string required: - repository type: object glusterfs: - description: 'Glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/glusterfs/README.md' + description: glusterfs represents a Glusterfs mount + on the host that shares... properties: endpoints: - description: 'EndpointsName is the endpoint name - that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + description: endpoints is the endpoint name that + details Glusterfs topology. type: string path: - description: 'Path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + description: |- + path is the Glusterfs volume path. + More info: https://examples. type: string readOnly: - description: 'ReadOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + description: readOnly here will force the Glusterfs + volume to be mounted... type: boolean required: - endpoints - path type: object hostPath: - description: 'HostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used for - system agents or other privileged things that are - allowed to see the host machine. Most containers will - NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount host - directories as read/write.' + description: hostPath represents a pre-existing file + or directory on the... properties: path: - description: 'Path of the directory on the host. - If the path is a symlink, it will follow the link - to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + description: path of the directory on the host. type: string type: - description: 'Type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + description: |- + type for HostPath Volume + Defaults to "" + More info:... type: string required: - path type: object + image: + description: image represents an OCI object (a container + image or artifact)... + properties: + pullPolicy: + description: Policy for pulling OCI objects. + type: string + reference: + description: 'Required: Image or artifact reference + to be used.' + type: string + type: object iscsi: - description: 'ISCSI represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + description: iscsi represents an ISCSI Disk resource + that is attached to a... properties: chapAuthDiscovery: - description: whether support iSCSI Discovery CHAP - authentication + description: chapAuthDiscovery defines whether support + iSCSI Discovery CHAP... type: boolean chapAuthSession: - description: whether support iSCSI Session CHAP - authentication + description: chapAuthSession defines whether support + iSCSI Session CHAP... type: boolean fsType: - description: 'Filesystem type of the volume that - you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' + description: fsType is the filesystem type of the + volume that you want to... type: string initiatorName: - description: Custom iSCSI Initiator Name. If initiatorName - is specified with iscsiInterface simultaneously, - new iSCSI interface : - will be created for the connection. + description: initiatorName is the custom iSCSI Initiator + Name. type: string iqn: - description: Target iSCSI Qualified Name. + description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iSCSI Interface Name that uses an iSCSI - transport. Defaults to 'default' (tcp). + default: default + description: iscsiInterface is the interface Name + that uses an iSCSI... type: string lun: - description: iSCSI Target Lun number. + description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: iSCSI Target Portal List. The portal - is either an IP or ip_addr:port if the port is - other than default (typically TCP ports 860 and - 3260). + description: portals is the iSCSI Target Portal + List. items: type: string type: array + x-kubernetes-list-type: atomic readOnly: - description: ReadOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. + description: readOnly here will force the ReadOnly + setting in VolumeMounts. type: boolean secretRef: - description: CHAP Secret for iSCSI target and initiator - authentication + description: secretRef is the CHAP Secret for iSCSI + target and initiator... properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string type: object + x-kubernetes-map-type: atomic targetPortal: - description: iSCSI Target Portal. The Portal is - either an IP or ip_addr:port if the port is other - than default (typically TCP ports 860 and 3260). + description: targetPortal is iSCSI Target Portal. type: string required: - iqn @@ -5660,197 +5224,216 @@ spec: - targetPortal type: object name: - description: 'Volume''s name. Must be a DNS_LABEL and - unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: name of the volume. type: string nfs: - description: 'NFS represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: nfs represents an NFS mount on the host + that shares a pod's... properties: path: - description: 'Path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: path that is exported by the NFS server. type: string readOnly: - description: 'ReadOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: readOnly here will force the NFS export + to be mounted with... type: boolean server: - description: 'Server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: server is the hostname or IP address + of the NFS server. type: string required: - path - server type: object persistentVolumeClaim: - description: 'PersistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + description: persistentVolumeClaimVolumeSource represents + a reference to a... properties: claimName: - description: 'ClaimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + description: claimName is the name of a PersistentVolumeClaim + in the same... type: string readOnly: - description: Will force the ReadOnly setting in - VolumeMounts. Default false. + description: readOnly Will force the ReadOnly setting + in VolumeMounts. type: boolean required: - claimName type: object photonPersistentDisk: - description: PhotonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine + description: photonPersistentDisk represents a PhotonController + persistent... properties: fsType: - description: Filesystem type to mount. Must be a - filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. + description: fsType is the filesystem type to mount. type: string pdID: - description: ID that identifies Photon Controller - persistent disk + description: pdID is the ID that identifies Photon + Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: PortworxVolume represents a portworx volume - attached and mounted on kubelets host machine + description: portworxVolume represents a portworx volume + attached and... properties: fsType: - description: FSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. + description: |- + fSType represents the filesystem type to mount + Must be a... type: string readOnly: - description: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. + description: readOnly defaults to false (read/write). type: boolean volumeID: - description: VolumeID uniquely identifies a Portworx + description: volumeID uniquely identifies a Portworx volume type: string required: - volumeID type: object projected: - description: Items for all in one resources secrets, - configmaps, and downward API + description: projected items for all in one resources + secrets, configmaps,... properties: defaultMode: - description: Mode bits used to set permissions on - created files by default. Must be an octal value - between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. Directories within the path are not affected - by this setting. This might be in conflict with - other options that affect the file mode, like - fsGroup, and the result can be other mode bits - set. + description: defaultMode are the mode bits used + to set permissions on... format: int32 type: integer sources: - description: list of volume projections + description: sources is the list of volume projections. items: description: Projection that may be projected - along with other supported volume types + along with other supported... properties: + clusterTrustBundle: + description: ClusterTrustBundle allows a pod + to access the `.spec. + properties: + labelSelector: + description: Select all ClusterTrustBundles + that match this label selector. + properties: + matchExpressions: + description: matchExpressions is a + list of label selector requirements. + items: + description: A label selector requirement + is a selector that contains... + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a + set of values. + type: string + values: + description: values is an array + of string values. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map + of {key,value} pairs. + type: object + type: object + x-kubernetes-map-type: atomic + name: + description: Select a single ClusterTrustBundle + by object name. + type: string + optional: + description: If true, don't block pod + startup if the referenced... + type: boolean + path: + description: Relative path from the volume + root to write the bundle. + type: string + signerName: + description: Select all ClusterTrustBundles + that match this signer name. + type: string + required: + - path + type: object configMap: - description: information about the configMap - data to project + description: configMap information about the + configMap data to project properties: items: - description: If unspecified, each key-value - pair in the Data field of the referenced - ConfigMap will be projected into the - volume as a file whose name is the key - and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the ConfigMap, - the volume setup will error unless it - is marked optional. Paths must be relative - and may not contain the '..' path or - start with '..'. + description: items if unspecified, each + key-value pair in the Data field of... items: description: Maps a string key to a path within a volume. properties: key: - description: The key to project. + description: key is the key to project. type: string mode: - description: 'Optional: mode bits - used to set permissions on this - file. Must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, - JSON requires decimal values for - mode bits. If not specified, the - volume defaultMode will be used. - This might be in conflict with - other options that affect the - file mode, like fsGroup, and the - result can be other mode bits - set.' + description: 'mode is Optional: + mode bits used to set permissions + on this...' format: int32 type: integer path: - description: The relative path of - the file to map the key to. May - not be an absolute path. May not - contain the path element '..'. - May not start with the string - '..'. + description: path is the relative + path of the file to map the key + to. type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string optional: - description: Specify whether the ConfigMap - or its keys must be defined + description: optional specify whether + the ConfigMap or its keys must be... type: boolean type: object + x-kubernetes-map-type: atomic downwardAPI: - description: information about the downwardAPI - data to project + description: downwardAPI information about + the downwardAPI data to project properties: items: description: Items is a list of DownwardAPIVolume file items: description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field + information to create the file... properties: fieldRef: description: 'Required: Selects a field of the pod: only annotations, - labels, name and namespace are - supported.' + labels,...' properties: apiVersion: description: Version of the schema the FieldPath is written - in terms of, defaults to "v1". + in terms of,... type: string fieldPath: description: Path of the field @@ -5860,39 +5443,22 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic mode: description: 'Optional: mode bits used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, - JSON requires decimal values for - mode bits. If not specified, the - volume defaultMode will be used. - This might be in conflict with - other options that affect the - file mode, like fsGroup, and the - result can be other mode bits - set.' + file, must...' format: int32 type: integer path: description: 'Required: Path is the relative path name of the file - to be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not - start with ''..''' + to be...' type: string resourceFieldRef: description: 'Selects a resource of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu and - requests.memory) are currently - supported.' + limits and...' properties: containerName: description: 'Container name: @@ -5905,7 +5471,7 @@ spec: - type: string description: Specifies the output format of the exposed resources, - defaults to "1" + defaults... pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: @@ -5915,265 +5481,216 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic required: - path type: object type: array + x-kubernetes-list-type: atomic type: object secret: - description: information about the secret - data to project + description: secret information about the + secret data to project properties: items: - description: If unspecified, each key-value - pair in the Data field of the referenced - Secret will be projected into the volume - as a file whose name is the key and - content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, - the volume setup will error unless it - is marked optional. Paths must be relative - and may not contain the '..' path or - start with '..'. + description: items if unspecified, each + key-value pair in the Data field of... items: description: Maps a string key to a path within a volume. properties: key: - description: The key to project. + description: key is the key to project. type: string mode: - description: 'Optional: mode bits - used to set permissions on this - file. Must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, - JSON requires decimal values for - mode bits. If not specified, the - volume defaultMode will be used. - This might be in conflict with - other options that affect the - file mode, like fsGroup, and the - result can be other mode bits - set.' + description: 'mode is Optional: + mode bits used to set permissions + on this...' format: int32 type: integer path: - description: The relative path of - the file to map the key to. May - not be an absolute path. May not - contain the path element '..'. - May not start with the string - '..'. + description: path is the relative + path of the file to map the key + to. type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string optional: - description: Specify whether the Secret - or its key must be defined + description: optional field specify whether + the Secret or its key must be... type: boolean type: object + x-kubernetes-map-type: atomic serviceAccountToken: - description: information about the serviceAccountToken - data to project + description: serviceAccountToken is information + about the... properties: audience: - description: Audience is the intended - audience of the token. A recipient of - a token must identify itself with an - identifier specified in the audience - of the token, and otherwise should reject - the token. The audience defaults to - the identifier of the apiserver. + description: audience is the intended + audience of the token. type: string expirationSeconds: - description: ExpirationSeconds is the - requested duration of validity of the - service account token. As the token - approaches expiration, the kubelet volume - plugin will proactively rotate the service - account token. The kubelet will start - trying to rotate the token if the token - is older than 80 percent of its time - to live or if the token is older than - 24 hours.Defaults to 1 hour and must - be at least 10 minutes. + description: expirationSeconds is the + requested duration of validity of the... format: int64 type: integer path: - description: Path is the path relative - to the mount point of the file to project - the token into. + description: path is the path relative + to the mount point of the file to... type: string required: - path type: object type: object type: array + x-kubernetes-list-type: atomic type: object quobyte: - description: Quobyte represents a Quobyte mount on the - host that shares a pod's lifetime + description: quobyte represents a Quobyte mount on the + host that shares a... properties: group: - description: Group to map volume access to Default - is no group + description: |- + group to map volume access to + Default is no group type: string readOnly: - description: ReadOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. + description: readOnly here will force the Quobyte + volume to be mounted with... type: boolean registry: - description: Registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes + description: registry represents a single or multiple + Quobyte Registry... type: string tenant: - description: Tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin + description: |- + tenant owning the given Quobyte volume in the Backend + Used with... type: string user: - description: User to map volume access to Defaults - to serivceaccount user + description: |- + user to map volume access to + Defaults to serivceaccount user type: string volume: - description: Volume is a string that references - an already created Quobyte volume by name. + description: volume is a string that references + an already created Quobyte... type: string required: - registry - volume type: object rbd: - description: 'RBD represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' + description: rbd represents a Rados Block Device mount + on the host that... properties: fsType: - description: 'Filesystem type of the volume that - you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' + description: fsType is the filesystem type of the + volume that you want to... type: string image: - description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + image is the rados image name. + More info: https://examples.k8s. type: string keyring: - description: 'Keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + default: /etc/ceph/keyring + description: keyring is the path to key ring for + RBDUser. type: string monitors: - description: 'A collection of Ceph monitors. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: monitors is a collection of Ceph monitors. items: type: string type: array + x-kubernetes-list-type: atomic pool: - description: 'The rados pool name. Default is rbd. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + default: rbd + description: |- + pool is the rados pool name. + Default is rbd. type: string readOnly: - description: 'ReadOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: readOnly here will force the ReadOnly + setting in VolumeMounts. type: boolean secretRef: - description: 'SecretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: secretRef is name of the authentication + secret for RBDUser. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string type: object + x-kubernetes-map-type: atomic user: - description: 'The rados user name. Default is admin. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + default: admin + description: |- + user is the rados user name. + Default is admin. type: string required: - image - monitors type: object scaleIO: - description: ScaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. + description: scaleIO represents a ScaleIO persistent + volume attached and... properties: fsType: - description: Filesystem type to mount. Must be a - filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Default is - "xfs". + default: xfs + description: fsType is the filesystem type to mount. type: string gateway: - description: The host address of the ScaleIO API - Gateway. + description: gateway is the host address of the + ScaleIO API Gateway. type: string protectionDomain: - description: The name of the ScaleIO Protection - Domain for the configured storage. + description: protectionDomain is the name of the + ScaleIO Protection Domain... type: string readOnly: - description: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. + description: readOnly Defaults to false (read/write). type: boolean secretRef: - description: SecretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. + description: secretRef references to the secret + for ScaleIO user and other... properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string type: object + x-kubernetes-map-type: atomic sslEnabled: - description: Flag to enable/disable SSL communication - with Gateway, default false + description: sslEnabled Flag enable/disable SSL + communication with Gateway,... type: boolean storageMode: - description: Indicates whether the storage for a - volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. + default: ThinProvisioned + description: storageMode indicates whether the storage + for a volume should... type: string storagePool: - description: The ScaleIO Storage Pool associated - with the protection domain. + description: storagePool is the ScaleIO Storage + Pool associated with the... type: string system: - description: The name of the storage system as configured - in ScaleIO. + description: system is the name of the storage system + as configured in... type: string volumeName: - description: The name of a volume already created - in the ScaleIO system that is associated with - this volume source. + description: volumeName is the name of a volume + already created in the... type: string required: - gateway @@ -6181,138 +5698,95 @@ spec: - system type: object secret: - description: 'Secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + description: secret represents a secret that should + populate this volume. properties: defaultMode: - description: 'Optional: mode bits used to set permissions - on created files by default. Must be an octal - value between 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal values for - mode bits. Defaults to 0644. Directories within - the path are not affected by this setting. This - might be in conflict with other options that affect - the file mode, like fsGroup, and the result can - be other mode bits set.' + description: 'defaultMode is Optional: mode bits + used to set permissions on...' format: int32 type: integer items: - description: If unspecified, each key-value pair - in the Data field of the referenced Secret will - be projected into the volume as a file whose name - is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the Secret, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. + description: items If unspecified, each key-value + pair in the Data field of... items: description: Maps a string key to a path within a volume. properties: key: - description: The key to project. + description: key is the key to project. type: string mode: - description: 'Optional: mode bits used to - set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires - decimal values for mode bits. If not specified, - the volume defaultMode will be used. This - might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits set.' + description: 'mode is Optional: mode bits + used to set permissions on this...' format: int32 type: integer path: - description: The relative path of the file - to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. + description: path is the relative path of + the file to map the key to. type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic optional: - description: Specify whether the Secret or its keys - must be defined + description: optional field specify whether the + Secret or its keys must be... type: boolean secretName: - description: 'Name of the secret in the pod''s namespace - to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + description: secretName is the name of the secret + in the pod's namespace to... type: string type: object storageos: - description: StorageOS represents a StorageOS volume - attached and mounted on Kubernetes nodes. + description: storageOS represents a StorageOS volume + attached and mounted on... properties: fsType: - description: Filesystem type to mount. Must be a - filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. + description: fsType is the filesystem type to mount. type: string readOnly: - description: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. + description: readOnly defaults to false (read/write). type: boolean secretRef: - description: SecretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. + description: secretRef specifies the secret to use + for obtaining the... properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' + default: "" + description: Name of the referent. type: string type: object + x-kubernetes-map-type: atomic volumeName: - description: VolumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. + description: volumeName is the human-readable name + of the StorageOS volume. type: string volumeNamespace: - description: VolumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter integration. - Set VolumeName to any name to override the default - behaviour. Set to "default" if you are not using - namespaces within StorageOS. Namespaces that do - not pre-exist within StorageOS will be created. + description: volumeNamespace specifies the scope + of the volume within... type: string type: object vsphereVolume: - description: VsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine + description: vsphereVolume represents a vSphere volume + attached and mounted... properties: fsType: - description: Filesystem type to mount. Must be a - filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. + description: fsType is filesystem type to mount. type: string storagePolicyID: - description: Storage Policy Based Management (SPBM) - profile ID associated with the StoragePolicyName. + description: storagePolicyID is the storage Policy + Based Management (SPBM)... type: string storagePolicyName: - description: Storage Policy Based Management (SPBM) - profile name. + description: storagePolicyName is the storage Policy + Based Management (SPBM)... type: string volumePath: - description: Path that identifies vSphere volume - vmdk + description: volumePath is the path that identifies + vSphere volume vmdk type: string required: - volumePath @@ -6321,6 +5795,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map required: - containers type: object @@ -6339,12 +5816,12 @@ spec: type: integer keyBatchSize: description: Number of keys to get from a single slot during each - migration iteration + migration... format: int32 type: integer keyMigration: description: KeyMigration whether or not to migrate keys during - a rolling update + a rolling... type: boolean slotBatchSize: description: Number of slots to to migrate on each iteration @@ -6364,7 +5841,7 @@ spec: type: integer keyBatchSize: description: Number of keys to get from a single slot during each - migration iteration + migration... format: int32 type: integer slotBatchSize: @@ -6374,12 +5851,11 @@ spec: type: object serviceName: description: ServiceName name used to create the kubernetes service - that fronts the RedisCluster nodes. If ServiceName is empty, the - RedisCluster name will be used for creating the service. + that... type: string zoneAwareReplication: description: ZoneAwareReplication spreads primary and replica nodes - across all available zones + across... type: boolean type: object status: @@ -6433,8 +5909,7 @@ spec: description: NodesPlacementInfo Redis Nodes placement mode information type: string numberOfPods: - description: In theory, we always have NumberOfPods > NumberOfRedisNodesRunning - > NumberOfPodsReady + description: In theory, we always have NumberOfPods >... format: int32 type: integer numberOfPodsReady: @@ -6462,10 +5937,9 @@ spec: type: object conditions: description: Conditions represent the latest available observations - of an object's current state. + of an... items: - description: RedisClusterCondition represent the condition of the - RedisCluster + description: RedisClusterCondition represent the condition of the... properties: lastProbeTime: description: Last time the condition was checked. @@ -6496,9 +5970,7 @@ spec: type: array startTime: description: StartTime represents time when the workflow was acknowledged - by the Workflow controller It is not guaranteed to be set in happens-before - order across separate operations. It is represented in RFC3339 form - and is in UTC. StartTime doesn't consider startime of `ExternalReference` + by... format: date-time type: string required: @@ -6513,9 +5985,3 @@ spec: specReplicasPath: .spec.numberOfPrimaries statusReplicasPath: .status.cluster.numberOfPrimariesReady status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/charts/operator-for-redis/templates/deployment.yaml b/charts/operator-for-redis/templates/deployment.yaml index 813beed3..b1c7a7cf 100644 --- a/charts/operator-for-redis/templates/deployment.yaml +++ b/charts/operator-for-redis/templates/deployment.yaml @@ -48,7 +48,7 @@ spec: - name: NAMESPACE value: {{ .Release.Namespace | quote }} - name: LEADERELECTION_ENABLED - value: {{ if gt .Values.replicaCount 1.0 }}"true"{{ else }}"false"{{ end }} + value: {{ if gt (int .Values.replicaCount) 1 }}"true"{{ else }}"false"{{ end }} args: [{{- include "operator-for-redis.arglist" . | nindent 12 }}] {{- with .Values.securityContext }} securityContext: diff --git a/charts/operator-for-redis/values.yaml b/charts/operator-for-redis/values.yaml index cc0cfd9f..ee322bf5 100644 --- a/charts/operator-for-redis/values.yaml +++ b/charts/operator-for-redis/values.yaml @@ -5,7 +5,7 @@ replicaCount: 1 image: - repository: ibmcom/operator-for-redis + repository: cinple/operator-for-redis-cluster-operator # Overrides the image tag whose default is the chart appVersion tag: "" pullPolicy: IfNotPresent diff --git a/cmd/kubectl-rc/cluster-status.go b/cmd/kubectl-rc/cluster-status.go index 3d20cd48..6dc10e25 100644 --- a/cmd/kubectl-rc/cluster-status.go +++ b/cmd/kubectl-rc/cluster-status.go @@ -12,6 +12,8 @@ import ( rapi "github.com/IBM/operator-for-redis-cluster/api/v1alpha1" "github.com/olekukonko/tablewriter" + "github.com/olekukonko/tablewriter/renderer" + "github.com/olekukonko/tablewriter/tw" kapiv1 "k8s.io/api/core/v1" "k8s.io/client-go/rest" kclient "sigs.k8s.io/controller-runtime/pkg/client" @@ -65,7 +67,6 @@ func (cs *ClusterStatus) populatePodInfoStats(restConfig *rest.Config, podInfoMa wg := sync.WaitGroup{} for _, pod := range podInfoMap { wg.Add(1) - pod := pod go func() { defer wg.Done() cs.addToPodInfo(restConfig, clientset, pod.pod, parameterCodec, podInfoMap) @@ -150,17 +151,33 @@ func (cs *ClusterStatus) getRedisPods(client kclient.Client) error { } func (cs *ClusterStatus) outputRedisClusterStatus() { - table := tablewriter.NewWriter(os.Stdout) - table.SetHeader([]string{"POD_NAME", "IP", "NODE", "ID", "ZONE", "USED MEMORY", "MAX MEMORY", "KEYS", "SLOTS"}) - table.SetBorders(tablewriter.Border{Left: false, Top: false, Right: false, Bottom: false}) - table.SetHeaderAlignment(tablewriter.ALIGN_LEFT) - table.SetRowLine(false) - table.SetCenterSeparator("") - table.SetColumnSeparator("") - table.SetRowSeparator("") - table.SetAlignment(tablewriter.ALIGN_LEFT) - table.SetHeaderLine(false) - table.SetAutoWrapText(false) + table := tablewriter.NewTable(os.Stdout, + tablewriter.WithRenderer(renderer.NewBlueprint(tw.Rendition{ + Borders: tw.BorderNone, + Settings: tw.Settings{ + Separators: tw.Separators{ + BetweenRows: tw.Off, + BetweenColumns: tw.Off, + }, + Lines: tw.Lines{ + ShowHeaderLine: tw.Off, + }, + }, + })), + tablewriter.WithConfig(tablewriter.Config{ + Header: tw.CellConfig{ + Formatting: tw.CellFormatting{ + Alignment: tw.AlignLeft, + }, + }, + Row: tw.CellConfig{ + Formatting: tw.CellFormatting{ + Alignment: tw.AlignLeft, + }, + }, + })) + + table.Header("POD_NAME", "IP", "NODE", "ID", "ZONE", "USED MEMORY", "MAX MEMORY", "KEYS", "SLOTS") var sortedPrimaries []string for primary := range cs.primaryToReplicas { @@ -201,8 +218,8 @@ func (cs *ClusterStatus) outputRedisClusterStatus() { } for _, v := range info { - table.Append(v) + _ = table.Append(v) } - table.Append([]string{"", ""}) - table.Render() // Send output + _ = table.Append([]string{"", ""}) + _ = table.Render() } diff --git a/cmd/kubectl-rc/main.go b/cmd/kubectl-rc/main.go index 64fb278e..fb009286 100644 --- a/cmd/kubectl-rc/main.go +++ b/cmd/kubectl-rc/main.go @@ -21,6 +21,8 @@ import ( "github.com/golang/glog" "github.com/olekukonko/tablewriter" + "github.com/olekukonko/tablewriter/renderer" + "github.com/olekukonko/tablewriter/tw" kapiv1 "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" @@ -101,7 +103,6 @@ func buildRedisClusterStatuses(rcs *rapi.RedisClusterList, client kclient.Client var lock = sync.Mutex{} for i, cluster := range rcs.Items { wg.Add(1) - cluster := cluster index := i go func() { defer wg.Done() @@ -123,21 +124,39 @@ func outputRedisClusterState(data [][]string) { os.Exit(0) } - table := tablewriter.NewWriter(os.Stdout) - table.SetHeader([]string{"Name", "Namespace", "Pods", "Ops Status", "Redis Status", "Nb Primary", "Replication", "Zone Skew"}) - table.SetBorders(tablewriter.Border{Left: false, Top: false, Right: false, Bottom: false}) - table.SetHeaderAlignment(tablewriter.ALIGN_LEFT) - table.SetRowLine(false) - table.SetCenterSeparator("") - table.SetColumnSeparator("") - table.SetRowSeparator("") - table.SetAlignment(tablewriter.ALIGN_LEFT) - table.SetHeaderLine(false) + table := tablewriter.NewTable(os.Stdout, + tablewriter.WithRenderer(renderer.NewBlueprint(tw.Rendition{ + Borders: tw.BorderNone, + Settings: tw.Settings{ + Separators: tw.Separators{ + BetweenRows: tw.Off, + BetweenColumns: tw.Off, + }, + Lines: tw.Lines{ + ShowHeaderLine: tw.Off, + ShowFooterLine: tw.Off, + }, + }, + })), + tablewriter.WithConfig(tablewriter.Config{ + Header: tw.CellConfig{ + Formatting: tw.CellFormatting{ + Alignment: tw.AlignLeft, + }, + }, + Row: tw.CellConfig{ + Formatting: tw.CellFormatting{ + Alignment: tw.AlignLeft, + }, + }, + })) + + table.Header("Name", "Namespace", "Pods", "Ops Status", "Redis Status", "Nb Primary", "Replication", "Zone Skew") for _, v := range data { - table.Append(v) + _ = table.Append(v) } - table.Render() // Send output + _ = table.Render() } func hasStatus(cluster *rapi.RedisCluster, conditionType rapi.RedisClusterConditionType, status kapiv1.ConditionStatus) bool { diff --git a/cmd/kubectl-rc/pod-info.go b/cmd/kubectl-rc/pod-info.go index 194d444c..4f2b4bab 100644 --- a/cmd/kubectl-rc/pod-info.go +++ b/cmd/kubectl-rc/pod-info.go @@ -79,9 +79,10 @@ func (pi *PodInfo) populateMemoryStats(lines []string) { pi.maxMemory = getInfoValueString(line) } else if pi.role == "" && strings.Contains(line, "role:") { pi.role = getInfoValueString(line) - if pi.role == "master" { + switch pi.role { + case "master": pi.role = string(rapi.RedisClusterNodeRolePrimary) - } else if pi.role == "slave" { + case "slave": pi.role = string(rapi.RedisClusterNodeRoleReplica) } } diff --git a/cmd/metrics/main.go b/cmd/metrics/main.go index 9a82af3b..0d48dc69 100644 --- a/cmd/metrics/main.go +++ b/cmd/metrics/main.go @@ -82,11 +82,11 @@ func watchRedisCluster(client kclient.Client, rClient *rest.RESTClient, cluster options, ) - _, controller := cache.NewInformer( - watchlist, - &rapi.RedisCluster{}, - 0*time.Second, - cache.ResourceEventHandlerFuncs{ + _, controller := cache.NewInformerWithOptions(cache.InformerOptions{ + ListerWatcher: watchlist, + ObjectType: &rapi.RedisCluster{}, + ResyncPeriod: 0 * time.Second, + Handler: cache.ResourceEventHandlerFuncs{ UpdateFunc: func(oldObj interface{}, newObj interface{}) { if newCluster, ok := newObj.(*rapi.RedisCluster); ok { k8sNodes, err := utils.GetKubeNodes(context.Background(), client, cluster.Spec.PodTemplate.Spec.NodeSelector) @@ -97,7 +97,7 @@ func watchRedisCluster(client kclient.Client, rClient *rest.RESTClient, cluster } }, }, - ) + }) stop := make(chan struct{}) go controller.Run(stop) return stop diff --git a/cmd/operator/main.go b/cmd/operator/main.go index 90b5baf5..1c9938cc 100644 --- a/cmd/operator/main.go +++ b/cmd/operator/main.go @@ -3,6 +3,8 @@ package main import ( "flag" + ctrlserver "sigs.k8s.io/controller-runtime/pkg/metrics/server" + rapi "github.com/IBM/operator-for-redis-cluster/api/v1alpha1" "github.com/IBM/operator-for-redis-cluster/pkg/controller" "github.com/IBM/operator-for-redis-cluster/pkg/garbagecollector" @@ -48,8 +50,10 @@ func main() { restConfig := ctrl.GetConfigOrDie() mgr, err := ctrl.NewManager(restConfig, ctrl.Options{ - Scheme: scheme, - MetricsBindAddress: config.MetricsAddr, + Scheme: scheme, + Metrics: ctrlserver.Options{ + BindAddress: config.MetricsAddr, + }, HealthProbeBindAddress: config.HealthCheckAddr, LeaderElection: config.LeaderElectionEnabled, LeaderElectionID: leaderElectionID, diff --git a/docs/docs/CONTRIBUTING.md b/docs/docs/CONTRIBUTING.md index bda99cd1..181c3e36 100644 --- a/docs/docs/CONTRIBUTING.md +++ b/docs/docs/CONTRIBUTING.md @@ -39,7 +39,7 @@ $ make generate $ make fmt find . -name '*.go' -not -wholename './vendor/*' | while read -r file; do gofmt -w -s "$file"; goimports -w "$file"; done $ make lint -golangci-lint run --enable exportloopref +golangci-lint run --enable copyloopvar $ make test ./go.test.sh ... diff --git a/docs/docs/cookbook.md b/docs/docs/cookbook.md index 4a490e15..056207be 100644 --- a/docs/docs/cookbook.md +++ b/docs/docs/cookbook.md @@ -69,31 +69,43 @@ From the project root directory, create your kind cluster using the e2e test con $ kind create cluster --config ./test/e2e/kind_config.yml ``` -Build the required docker images: +Build the required docker images (with optional PREFIX and PLATFORM): ```console -make container PREFIX= TAG=latest +make container PREFIX=cinple/ TAG=latest PLATFORM=linux/amd64 ``` +- The default PLATFORM is linux/amd64. To build for Apple Silicon (M1/M2), use `PLATFORM=linux/arm64`. +- The PREFIX variable lets you namespace your images (e.g., `cinple/`). + Once the kind cluster is up and running, load the images into the kind cluster: ```console -$ kind load docker-image operator-for-redis:latest -$ kind load docker-image node-for-redis:latest -$ kind load docker-image metrics-for-redis:latest +$ kind load docker-image cinple/operator-for-redis-cluster-operator:latest +$ kind load docker-image cinple/operator-for-redis-cluster-node:latest +$ kind load docker-image cinple/operator-for-redis-cluster-metrics:latest ``` ### Deploy a Redis operator Install the `operator-for-redis` Helm chart: ```console -$ helm install op charts/operator-for-redis --wait --set image.repository=operator-for-redis --set image.tag=latest +$ helm install op charts/operator-for-redis --wait --set image.repository=cinple/operator-for-redis-cluster-operator --set image.tag=latest NAME: op -LAST DEPLOYED: Thu Oct 21 15:11:51 2021 +LAST DEPLOYED: NAMESPACE: default STATUS: deployed REVISION: 1 TEST SUITE: None ``` +### Notes on Multi-Architecture Builds + +- The Makefile now supports multi-architecture builds using `docker buildx` and the `PLATFORM` variable. +- Example for Apple Silicon (M1/M2): + ```console + make container-operator PLATFORM=linux/arm64 + ``` +- All Go binaries and Docker images will be built for the specified platform. + Confirm that the operator is running properly: ```console @@ -155,23 +167,23 @@ If you followed the steps for creating a `kind` cluster with the e2e test config Build the required docker images: ```console -make container PREFIX=ibmcom/ TAG=local -make container-node PREFIX=ibmcom/ TAG=new +make container PREFIX=cinple/ TAG=local +make container-node PREFIX=cinple/ TAG=new ``` Note that we need both `local` and `new` image tags for a rolling update e2e test case. Load the required images into the kind cluster: ```console -$ kind load docker-image ibmcom/operator-for-redis:local -$ kind load docker-image ibmcom/node-for-redis:local -$ kind load docker-image ibmcom/node-for-redis:new +$ kind load docker-image cinple/operator-for-redis-cluster-operator:local +$ kind load docker-image cinple/operator-for-redis-cluster-node:local +$ kind load docker-image cinple/operator-for-redis-cluster-node:new ``` -Once the kind cluster is up and running, deploy the `operator-for-redis` Helm chart: +Once the kind cluster is up and running, deploy the `operator-for-redis-cluster` Helm chart: ```console -$ helm install op charts/operator-for-redis --wait --set image.repository=ibmcom/operator-for-redis --set image.tag=local +$ helm install op charts/operator-for-redis --wait --set image.repository=cinple/operator-for-redis-cluster-operator --set image.tag=local NAME: op -LAST DEPLOYED: Thu Oct 21 15:11:51 2021 +LAST DEPLOYED: NAMESPACE: default STATUS: deployed REVISION: 1 diff --git a/go.mod b/go.mod index 52104543..9f778ec6 100644 --- a/go.mod +++ b/go.mod @@ -1,83 +1,89 @@ module github.com/IBM/operator-for-redis-cluster -go 1.20 +go 1.24.0 + +toolchain go1.24.3 require ( github.com/caarlos0/env/v6 v6.10.1 github.com/gogo/protobuf v1.3.2 - github.com/golang/glog v1.1.1 + github.com/golang/glog v1.2.5 github.com/heptiolabs/healthcheck v0.0.0-20211123025425-613501dd5deb - github.com/mediocregopher/radix/v4 v4.1.2 - github.com/olekukonko/tablewriter v0.0.5 + github.com/mediocregopher/radix/v4 v4.1.4 + github.com/olekukonko/tablewriter v1.0.7 github.com/onsi/ginkgo v1.16.5 - github.com/onsi/gomega v1.27.6 - github.com/prometheus/client_golang v1.14.0 - github.com/spf13/pflag v1.0.5 + github.com/onsi/gomega v1.37.0 + github.com/prometheus/client_golang v1.22.0 + github.com/spf13/pflag v1.0.6 gopkg.in/yaml.v3 v3.0.1 - k8s.io/api v0.26.3 - k8s.io/apimachinery v0.26.3 - k8s.io/client-go v0.26.3 - sigs.k8s.io/controller-runtime v0.14.6 + k8s.io/api v0.33.1 + k8s.io/apimachinery v0.33.1 + k8s.io/client-go v0.33.1 + sigs.k8s.io/controller-runtime v0.21.0 ) require ( github.com/beorn7/perks v1.0.1 // indirect - github.com/cespare/xxhash/v2 v2.2.0 // indirect + github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/emicklei/go-restful/v3 v3.10.2 // indirect + github.com/emicklei/go-restful/v3 v3.12.2 // indirect github.com/evanphx/json-patch v5.6.0+incompatible // indirect - github.com/evanphx/json-patch/v5 v5.6.0 // indirect - github.com/fsnotify/fsnotify v1.6.0 // indirect - github.com/go-logr/logr v1.2.4 // indirect - github.com/go-logr/zapr v1.2.3 // indirect - github.com/go-openapi/jsonpointer v0.19.6 // indirect - github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.3 // indirect - github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect - github.com/golang/protobuf v1.5.3 // indirect - github.com/google/gnostic v0.6.9 // indirect - github.com/google/go-cmp v0.5.9 // indirect - github.com/google/gofuzz v1.2.0 // indirect - github.com/google/uuid v1.3.0 // indirect - github.com/imdario/mergo v0.3.15 // indirect + github.com/evanphx/json-patch/v5 v5.9.11 // indirect + github.com/fatih/color v1.18.0 // indirect + github.com/fsnotify/fsnotify v1.9.0 // indirect + github.com/fxamacker/cbor/v2 v2.8.0 // indirect + github.com/go-logr/logr v1.4.3 // indirect + github.com/go-logr/zapr v1.3.0 // indirect + github.com/go-openapi/jsonpointer v0.21.1 // indirect + github.com/go-openapi/jsonreference v0.21.0 // indirect + github.com/go-openapi/swag v0.23.1 // indirect + github.com/google/btree v1.1.3 // indirect + github.com/google/gnostic-models v0.6.9 // indirect + github.com/google/go-cmp v0.7.0 // indirect + github.com/google/uuid v1.6.0 // indirect + github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect - github.com/mailru/easyjson v0.7.7 // indirect - github.com/mattn/go-runewidth v0.0.14 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect - github.com/moby/spdystream v0.2.0 // indirect + github.com/mailru/easyjson v0.9.0 // indirect + github.com/mattn/go-colorable v0.1.14 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect + github.com/mattn/go-runewidth v0.0.16 // indirect + github.com/moby/spdystream v0.5.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/nxadm/tail v1.4.8 // indirect + github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect + github.com/nxadm/tail v1.4.11 // indirect + github.com/olekukonko/errors v1.1.0 // indirect + github.com/olekukonko/ll v0.0.8 // indirect github.com/pkg/errors v0.9.1 // indirect - github.com/prometheus/client_model v0.3.0 // indirect - github.com/prometheus/common v0.42.0 // indirect - github.com/prometheus/procfs v0.9.0 // indirect - github.com/rivo/uniseg v0.4.4 // indirect + github.com/prometheus/client_model v0.6.2 // indirect + github.com/prometheus/common v0.64.0 // indirect + github.com/prometheus/procfs v0.16.1 // indirect + github.com/rivo/uniseg v0.4.7 // indirect github.com/tilinna/clock v1.1.0 // indirect - go.uber.org/atomic v1.10.0 // indirect + github.com/x448/float16 v0.8.4 // indirect go.uber.org/multierr v1.11.0 // indirect - go.uber.org/zap v1.24.0 // indirect - golang.org/x/net v0.9.0 // indirect - golang.org/x/oauth2 v0.7.0 // indirect - golang.org/x/sys v0.7.0 // indirect - golang.org/x/term v0.7.0 // indirect - golang.org/x/text v0.9.0 // indirect - golang.org/x/time v0.3.0 // indirect - gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect - google.golang.org/appengine v1.6.7 // indirect - google.golang.org/protobuf v1.30.0 // indirect + go.uber.org/zap v1.27.0 // indirect + golang.org/x/net v0.40.0 // indirect + golang.org/x/oauth2 v0.30.0 // indirect + golang.org/x/sync v0.14.0 // indirect + golang.org/x/sys v0.33.0 // indirect + golang.org/x/term v0.32.0 // indirect + golang.org/x/text v0.25.0 // indirect + golang.org/x/time v0.11.0 // indirect + gomodules.xyz/jsonpatch/v2 v2.5.0 // indirect + google.golang.org/protobuf v1.36.6 // indirect gopkg.in/DATA-DOG/go-sqlmock.v1 v1.3.0 // indirect + gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect - gopkg.in/yaml.v2 v2.4.0 // indirect - k8s.io/apiextensions-apiserver v0.26.3 // indirect - k8s.io/component-base v0.26.3 // indirect - k8s.io/klog/v2 v2.90.1 // indirect - k8s.io/kube-openapi v0.0.0-20230327201221-f5883ff37f0c // indirect - k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 // indirect - sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect - sigs.k8s.io/yaml v1.3.0 // indirect + k8s.io/apiextensions-apiserver v0.33.1 // indirect + k8s.io/klog/v2 v2.130.1 // indirect + k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff // indirect + k8s.io/utils v0.0.0-20250502105355-0f33e8f1c979 // indirect + sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect + sigs.k8s.io/randfill v1.0.0 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.7.0 // indirect + sigs.k8s.io/yaml v1.4.0 // indirect ) diff --git a/go.sum b/go.sum index eaa856dd..b0469126 100644 --- a/go.sum +++ b/go.sum @@ -1,138 +1,104 @@ -cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= -github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= -github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= +github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0= +github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM= +github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= github.com/caarlos0/env/v6 v6.10.1 h1:t1mPSxNpei6M5yAeu1qtRdPAK29Nbcf/n3G7x+b3/II= github.com/caarlos0/env/v6 v6.10.1/go.mod h1:hvp/ryKXKipEkcuYjs9mI4bBCg+UI0Yhgm5Zu0ddvwc= -github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= -github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= -github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= -github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= -github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153 h1:yUdfgN0XgIJw7foRItutHYUIhlcKzcSf5vDpdhQAKTc= -github.com/emicklei/go-restful/v3 v3.10.2 h1:hIovbnmBTLjHXkqEBUz3HGpXZdM7ZrE9fJIZIqlJLqE= -github.com/emicklei/go-restful/v3 v3.10.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= -github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= -github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= -github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanphx/json-patch v0.5.2/go.mod h1:ZWS5hhDbVDyob71nXKNL0+PWn6ToqBHMikGIFbs31qQ= +github.com/emicklei/go-restful/v3 v3.12.2 h1:DhwDP0vY3k8ZzE0RunuJy8GhNpPL6zqLkDf9B/a0/xU= +github.com/emicklei/go-restful/v3 v3.12.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= -github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= -github.com/flowstack/go-jsonschema v0.1.1/go.mod h1:yL7fNggx1o8rm9RlgXv7hTBWxdBM0rVwpMwimd3F3N0= +github.com/evanphx/json-patch/v5 v5.9.11 h1:/8HVnzMq13/3x9TPvjG08wUGqBTmZBsCWzjTM0wiaDU= +github.com/evanphx/json-patch/v5 v5.9.11/go.mod h1:3j+LviiESTElxA4p3EMKAB9HXj3/XEtnUf6OZxqIQTM= +github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM= +github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= -github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/zapr v1.2.3 h1:a9vnzlIBPQBBkeaR9IuMUfmVOrQlkoC4YfPoFkX3T7A= -github.com/go-logr/zapr v1.2.3/go.mod h1:eIauM6P8qSvTw5o2ez6UEAfGjQKrxQTl5EoK+Qa2oG4= -github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= -github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= -github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k= +github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= +github.com/fxamacker/cbor/v2 v2.8.0 h1:fFtUGXUzXPHTIUdne5+zzMPTfffl3RD5qYnkY40vtxU= +github.com/fxamacker/cbor/v2 v2.8.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= +github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI= +github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= +github.com/go-openapi/jsonpointer v0.21.1 h1:whnzv/pNXtK2FbX/W9yJfRmE2gsmkfahjMKB0fZvcic= +github.com/go-openapi/jsonpointer v0.21.1/go.mod h1:50I1STOfbY1ycR8jGz8DaMeLCdXiI6aDteEdRNNzpdk= +github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= +github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= +github.com/go-openapi/swag v0.23.1 h1:lpsStH0n2ittzTnbaSloVZLuB5+fvSY/+hnagBjSNZU= +github.com/go-openapi/swag v0.23.1/go.mod h1:STZs8TbRvEQQKUA+JZNAm3EWlgaOBGpyFDqQnDHMef0= +github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8WdvHunIJ9dAyjPVtrBPhSr3KT2yUst43I= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= +github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= +github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/glog v1.1.1 h1:jxpi2eWoU84wbX9iIEyAeeoac3FLuifZpY9tcNUD9kw= -github.com/golang/glog v1.1.1/go.mod h1:zR+okUeTbrL6EL3xHUDxZuEtGv04p5shwip1+mL/rLQ= -github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= -github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/glog v1.2.5 h1:DrW6hGnjIhtvhOIiAKT6Psh/Kd/ldepEa81DKeiRJ5I= +github.com/golang/glog v1.2.5/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= -github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= -github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/google/gnostic v0.6.9 h1:ZK/5VhkoX835RikCHpSUJV9a+S3e1zLh59YnyWeBW+0= -github.com/google/gnostic v0.6.9/go.mod h1:Nm8234We1lq6iB9OmlgNv3nH91XLLVZHCDayfA3xq+E= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/btree v1.1.3 h1:CVpQJjYgC4VbzxeGVHfvZrv1ctoYCAI8vbl07Fcxlyg= +github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= +github.com/google/gnostic-models v0.6.9 h1:MU/8wDLif2qCXZmzncUQ/BOfxWfthHi63KqpoNbWqVw= +github.com/google/gnostic-models v0.6.9/go.mod h1:CiWsm0s6BSQd1hRn8/QmxqB6BesYcbSZxsz9b0KuDBw= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= +github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38 h1:yAJXTCF9TqKcTiHJAE8dj7HMvPfh66eeA2JYW7eFpSE= -github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= +github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad h1:a6HEuzUHeKH6hwfN/ZoQgRgVIWFJljSWa/zetS2WTvg= +github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 h1:JeSE6pjso5THxAzdVpqr6/geYxZytqFMBCOtn/ujyeo= +github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674/go.mod h1:r4w70xmWCQKmi1ONH4KIaBptdivuRPyosB9RmPlGEwA= github.com/heptiolabs/healthcheck v0.0.0-20211123025425-613501dd5deb h1:tsEKRC3PU9rMw18w/uAptoijhgG4EvlA5kfJPtwrMDk= github.com/heptiolabs/healthcheck v0.0.0-20211123025425-613501dd5deb/go.mod h1:NtmN9h8vrTveVQRLHcX2HQ5wIPBDCsZ351TGbZWgg38= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/imdario/mergo v0.3.15 h1:M8XP7IuFNsqUx6VPK2P9OSmsYsI/YFaGil0uD21V3dM= -github.com/imdario/mergo v0.3.15/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= -github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo= +github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= -github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= -github.com/mattn/go-runewidth v0.0.14 h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU= -github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= -github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= -github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= -github.com/mediocregopher/radix/v4 v4.1.2 h1:Pj7XnNK5WuzzFy63g98pnccainAePK+aZNQRvxSvj2I= -github.com/mediocregopher/radix/v4 v4.1.2/go.mod h1:ajchozX/6ELmydxWeWM6xCFHVpZ4+67LXHOTOVR0nCE= -github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= -github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= +github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= +github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4= +github.com/mailru/easyjson v0.9.0/go.mod h1:1+xMtQp2MRNVL/V1bOzuP3aP8VNwRW55fQUto+XFtTU= +github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE= +github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6TULQc= +github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= +github.com/mediocregopher/radix/v4 v4.1.4 h1:Uze6DEbEAvL+VHXUEu/EDBTkUk5CLct5h3nVSGpc6Ts= +github.com/mediocregopher/radix/v4 v4.1.4/go.mod h1:ajchozX/6ELmydxWeWM6xCFHVpZ4+67LXHOTOVR0nCE= +github.com/moby/spdystream v0.5.0 h1:7r0J1Si3QO/kjRitvSLVVFUjxMEb/YLj6S9FF62JBCU= +github.com/moby/spdystream v0.5.0/go.mod h1:xBAYlnt/ay+11ShkdFKNAG7LsyK/tmNBVvVOwrfMgdI= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -140,112 +106,89 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= -github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= -github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= -github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= +github.com/nxadm/tail v1.4.11 h1:8feyoE3OzPrcshW5/MJ4sGESc5cqmGkGCWlco4l0bqY= +github.com/nxadm/tail v1.4.11/go.mod h1:OTaG3NK980DZzxbRq6lEuzgU+mug70nY11sMd4JXXHc= +github.com/olekukonko/errors v1.1.0 h1:RNuGIh15QdDenh+hNvKrJkmxxjV4hcS50Db478Ou5sM= +github.com/olekukonko/errors v1.1.0/go.mod h1:ppzxA5jBKcO1vIpCXQ9ZqgDh8iwODz6OXIGKU8r5m4Y= +github.com/olekukonko/ll v0.0.8 h1:sbGZ1Fx4QxJXEqL/6IG8GEFnYojUSQ45dJVwN2FH2fc= +github.com/olekukonko/ll v0.0.8/go.mod h1:En+sEW0JNETl26+K8eZ6/W4UQ7CYSrrgg/EdIYT2H8g= +github.com/olekukonko/tablewriter v1.0.7 h1:HCC2e3MM+2g72M81ZcJU11uciw6z/p82aEnm4/ySDGw= +github.com/olekukonko/tablewriter v1.0.7/go.mod h1:H428M+HzoUXC6JU2Abj9IT9ooRmdq9CxuDmKMtrOCMs= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= -github.com/onsi/ginkgo/v2 v2.9.2 h1:BA2GMJOtfGAfagzYtrAlufIP0lq6QERkFmHLMLPwFSU= +github.com/onsi/ginkgo/v2 v2.23.3 h1:edHxnszytJ4lD9D5Jjc4tiDkPBZ3siDeJJkUZJJVkp0= +github.com/onsi/ginkgo/v2 v2.23.3/go.mod h1:zXTP6xIp3U8aVuXN8ENK9IXRaTjFnpVB9mGmaSRvxnM= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.27.6 h1:ENqfyGeS5AX/rlXDd/ETokDz93u0YufY1Pgxuy/PvWE= -github.com/onsi/gomega v1.27.6/go.mod h1:PIQNjfQwkP3aQAH7lf7j87O/5FiNr+ZR8+ipb+qQlhg= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/onsi/gomega v1.37.0 h1:CdEG8g0S133B4OswTDC/5XPSzE1OeP29QOioj2PID2Y= +github.com/onsi/gomega v1.37.0/go.mod h1:8D9+Txp43QWKhM24yyOBEdpkzN8FvJyAwecBgsU4KU0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.14.0 h1:nJdhIvne2eSX/XRAFV9PcvFFRbrjbcTUj0VP62TMhnw= -github.com/prometheus/client_golang v1.14.0/go.mod h1:8vpkKitgIVNcqrRBWh1C4TIUQgYNtG/XQE4E/Zae36Y= -github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.3.0 h1:UBgGFHqYdG/TPFD1B1ogZywDqEkwp3fBMvqdiQ7Xew4= -github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w= -github.com/prometheus/common v0.42.0 h1:EKsfXEYo4JpWMHH5cg+KOUWeuJSov1Id8zGR8eeI1YM= -github.com/prometheus/common v0.42.0/go.mod h1:xBwqVerjNdUDjgODMpudtOMwlOwf2SaTr1yjz4b7Zbc= -github.com/prometheus/procfs v0.9.0 h1:wzCHvIvM5SxWqYvwgVL7yJY8Lz3PKn49KQtpgMYJfhI= -github.com/prometheus/procfs v0.9.0/go.mod h1:+pB4zwohETzFnmlpe6yd2lSc+0/46IYZRB/chUwxUZY= +github.com/prometheus/client_golang v1.22.0 h1:rb93p9lokFEsctTys46VnV1kLCDpVZ0a/Y92Vm0Zc6Q= +github.com/prometheus/client_golang v1.22.0/go.mod h1:R7ljNsLXhuQXYZYtw6GAE9AZg8Y7vEW5scdCXrWRXC0= +github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk= +github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE= +github.com/prometheus/common v0.64.0 h1:pdZeA+g617P7oGv1CzdTzyeShxAGrTBsolKNOLQPGO4= +github.com/prometheus/common v0.64.0/go.mod h1:0gZns+BLRQ3V6NdaerOhMbwwRbNh9hkGINtQAsP5GS8= +github.com/prometheus/procfs v0.16.1 h1:hZ15bTNuirocR6u0JZ6BAHHmwS1p8B4P6MRqxtzMyRg= +github.com/prometheus/procfs v0.16.1/go.mod h1:teAbpZRB1iIAJYREa1LsoWUXykVXA1KlTmWl8x/U+Is= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= -github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= -github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= -github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= -github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= +github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ= +github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= +github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= +github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= +github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= +github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= +github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/tilinna/clock v1.0.2/go.mod h1:ZsP7BcY7sEEz7ktc0IVy8Us6boDrK8VradlKRUGfOao= github.com/tilinna/clock v1.1.0 h1:6IQQQCo6KoBxVudv6gwtY8o4eDfhHo8ojA5dP0MfhSs= github.com/tilinna/clock v1.1.0/go.mod h1:ZsP7BcY7sEEz7ktc0IVy8Us6boDrK8VradlKRUGfOao= -github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= -github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= -github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= -go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ= -go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= -go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= -go.uber.org/goleak v1.2.0 h1:xqgm/S+aQvhWFTtR0XK3Jvg7z8kGV8P4X14IzwN3Eqk= -go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= -go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60= -go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= +go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= +go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.9.0 h1:aWJ/m6xSmxWBx+V0XRHTlrYrPG56jKsLdTFmsSsCzOM= -golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.7.0 h1:qe6s0zUXlPX80/dITx3440hWZ7GwMwgDDyrSGTPJG/g= -golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4= +golang.org/x/net v0.40.0 h1:79Xs7wF06Gbdcg4kdCCIQArK11Z1hr5POQ6+fIYHNuY= +golang.org/x/net v0.40.0/go.mod h1:y0hY0exeL2Pku80/zKK7tpntoX23cqL3Oa6njdgRtds= +golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI= +golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sync v0.14.0 h1:woo0S4Yywslg6hp4eUFjTVOyKt0RookbpAHG4c1HmhQ= +golang.org/x/sync v0.14.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -254,120 +197,79 @@ golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU= -golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.7.0 h1:BEvjmm5fURWqcfbSKTdpkDXYBrUS1c0m8agp14W48vQ= -golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw= +golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= +golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg= +golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/text v0.25.0 h1:qVyWApTSYLk/drJRO5mDlNYskwQznZmkpV2c8q9zls4= +golang.org/x/text v0.25.0/go.mod h1:WEdwpYrmk1qmdHvhkSTNPm3app7v4rsT8F2UD6+VHIA= +golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0= +golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.7.0 h1:W4OVu8VVOaIO0yzWMNdepAulS7YfoS3Zabrm8DOXXU4= +golang.org/x/tools v0.30.0 h1:BgcpHewrV5AUp2G9MebG4XPFI1E2W41zU1SaqVA9vJY= +golang.org/x/tools v0.30.0/go.mod h1:c347cR/OJfw5TI+GfX7RUPNMdDRRbjvYTS0jPyvsVtY= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gomodules.xyz/jsonpatch/v2 v2.2.0 h1:4pT439QV83L+G9FkcCriY6EkpcK6r6bK+A5FBUMI7qY= -gomodules.xyz/jsonpatch/v2 v2.2.0/go.mod h1:WXp+iVDkoLQqPudfQ9GBlwB2eZ5DKOnjQZCYdOS8GPY= -google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20220107163113-42d7afdf6368/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= -google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= -google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= +gomodules.xyz/jsonpatch/v2 v2.5.0 h1:JELs8RLM12qJGXU4u/TO3V25KW8GreMKl9pdkk14RM0= +gomodules.xyz/jsonpatch/v2 v2.5.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= -google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= -google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY= +google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY= gopkg.in/DATA-DOG/go-sqlmock.v1 v1.3.0 h1:FVCohIoYO7IJoDDVpV2pdq7SgrMH6wHnuTyrdrxJNoY= gopkg.in/DATA-DOG/go-sqlmock.v1 v1.3.0/go.mod h1:OdE7CF6DbADk7lN8LIKRzRJTTZXIjtWgA5THM5lhBAw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= +gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= -gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.26.3 h1:emf74GIQMTik01Aum9dPP0gAypL8JTLl/lHa4V9RFSU= -k8s.io/api v0.26.3/go.mod h1:PXsqwPMXBSBcL1lJ9CYDKy7kIReUydukS5JiRlxC3qE= -k8s.io/apiextensions-apiserver v0.26.3 h1:5PGMm3oEzdB1W/FTMgGIDmm100vn7IaUP5er36dB+YE= -k8s.io/apiextensions-apiserver v0.26.3/go.mod h1:jdA5MdjNWGP+njw1EKMZc64xAT5fIhN6VJrElV3sfpQ= -k8s.io/apimachinery v0.26.3 h1:dQx6PNETJ7nODU3XPtrwkfuubs6w7sX0M8n61zHIV/k= -k8s.io/apimachinery v0.26.3/go.mod h1:ats7nN1LExKHvJ9TmwootT00Yz05MuYqPXEXaVeOy5I= -k8s.io/client-go v0.26.3 h1:k1UY+KXfkxV2ScEL3gilKcF7761xkYsSD6BC9szIu8s= -k8s.io/client-go v0.26.3/go.mod h1:ZPNu9lm8/dbRIPAgteN30RSXea6vrCpFvq+MateTUuQ= -k8s.io/component-base v0.26.3 h1:oC0WMK/ggcbGDTkdcqefI4wIZRYdK3JySx9/HADpV0g= -k8s.io/component-base v0.26.3/go.mod h1:5kj1kZYwSC6ZstHJN7oHBqcJC6yyn41eR+Sqa/mQc8E= -k8s.io/klog/v2 v2.90.1 h1:m4bYOKall2MmOiRaR1J+We67Do7vm9KiQVlT96lnHUw= -k8s.io/klog/v2 v2.90.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20230327201221-f5883ff37f0c h1:EFfsozyzZ/pggw5qNx7ftTVZdp7WZl+3ih89GEjYEK8= -k8s.io/kube-openapi v0.0.0-20230327201221-f5883ff37f0c/go.mod h1:byini6yhqGC14c3ebc/QwanvYwhuMWF6yz2F8uwW8eg= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.14.6 h1:oxstGVvXGNnMvY7TAESYk+lzr6S3V5VFxQ6d92KcwQA= -sigs.k8s.io/controller-runtime v0.14.6/go.mod h1:WqIdsAY6JBsjfc/CqO0CORmNtoCtE4S6qbPc9s68h+0= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= +k8s.io/api v0.33.1 h1:tA6Cf3bHnLIrUK4IqEgb2v++/GYUtqiu9sRVk3iBXyw= +k8s.io/api v0.33.1/go.mod h1:87esjTn9DRSRTD4fWMXamiXxJhpOIREjWOSjsW1kEHw= +k8s.io/apiextensions-apiserver v0.33.1 h1:N7ccbSlRN6I2QBcXevB73PixX2dQNIW0ZRuguEE91zI= +k8s.io/apiextensions-apiserver v0.33.1/go.mod h1:uNQ52z1A1Gu75QSa+pFK5bcXc4hq7lpOXbweZgi4dqA= +k8s.io/apimachinery v0.33.1 h1:mzqXWV8tW9Rw4VeW9rEkqvnxj59k1ezDUl20tFK/oM4= +k8s.io/apimachinery v0.33.1/go.mod h1:BHW0YOu7n22fFv/JkYOEfkUYNRN0fj0BlvMFWA7b+SM= +k8s.io/client-go v0.33.1 h1:ZZV/Ks2g92cyxWkRRnfUDsnhNn28eFpt26aGc8KbXF4= +k8s.io/client-go v0.33.1/go.mod h1:JAsUrl1ArO7uRVFWfcj6kOomSlCv+JpvIsp6usAGefA= +k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= +k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff h1:/usPimJzUKKu+m+TE36gUyGcf03XZEP0ZIKgKj35LS4= +k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff/go.mod h1:5jIi+8yX4RIb8wk3XwBo5Pq2ccx4FP10ohkbSKCZoK8= +k8s.io/utils v0.0.0-20250502105355-0f33e8f1c979 h1:jgJW5IePPXLGB8e/1wvd0Ich9QE97RvvF3a8J3fP/Lg= +k8s.io/utils v0.0.0-20250502105355-0f33e8f1c979/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/controller-runtime v0.21.0 h1:CYfjpEuicjUecRk+KAeyYh+ouUBn4llGyDYytIGcJS8= +sigs.k8s.io/controller-runtime v0.21.0/go.mod h1:OSg14+F65eWqIu4DceX7k/+QRAbTTvxeQSNSOQpukWM= +sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= +sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= +sigs.k8s.io/randfill v0.0.0-20250304075658-069ef1bbf016/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= +sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= +sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= +sigs.k8s.io/structured-merge-diff/v4 v4.7.0 h1:qPeWmscJcXP0snki5IYF79Z8xrl8ETFxgMd7wez1XkI= +sigs.k8s.io/structured-merge-diff/v4 v4.7.0/go.mod h1:dDy58f92j70zLsuZVuUX5Wp9vtxXpaZnkPGWeqDfCps= +sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= +sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/pkg/controller/actions.go b/pkg/controller/actions.go index f6102639..8b01f5fc 100644 --- a/pkg/controller/actions.go +++ b/pkg/controller/actions.go @@ -34,7 +34,10 @@ func (c *Controller) clusterAction(ctx context.Context, admin redis.AdminInterfa } if needSanity { glog.V(3).Infof("[clusterAction] run sanity check cluster: %s/%s", cluster.Namespace, cluster.Name) - result.Requeue, err = sanitycheck.RunSanityChecks(ctx, admin, &c.config.redis, c.podControl, cluster, infos, false) + requeue, err := sanitycheck.RunSanityChecks(ctx, admin, &c.config.redis, c.podControl, cluster, infos, false) + if requeue { + result.RequeueAfter = time.Second + } return result, err } @@ -44,7 +47,7 @@ func (c *Controller) clusterAction(ctx context.Context, admin redis.AdminInterfa return result, err } - glog.V(6).Infof("[clusterAction] cluster change for RedisCluster %s/%s: %v", cluster.Namespace, cluster.Name, result.Requeue) + glog.V(6).Infof("[clusterAction] cluster change for RedisCluster %s/%s: %v", cluster.Namespace, cluster.Name, result.RequeueAfter) return result, nil } @@ -86,7 +89,10 @@ func (c *Controller) applyConfiguration(ctx context.Context, admin redis.AdminIn } if c.needsLessPods(cluster) { glog.Info("applyConfiguration needLessPods") - result.Requeue, err = c.managePodScaleDown(ctx, admin, cluster, newCluster, nodes) + requeue, err := c.managePodScaleDown(ctx, admin, cluster, newCluster, nodes) + if requeue { + result.RequeueAfter = time.Second + } return result, err } @@ -96,11 +102,13 @@ func (c *Controller) applyConfiguration(ctx context.Context, admin redis.AdminIn return result, err } - result.Requeue, err = scalingOperations(ctx, admin, cluster, newCluster, nodes) + requeue, err := scalingOperations(ctx, admin, cluster, newCluster, nodes) if err != nil { return result, err } - + if requeue { + result.RequeueAfter = time.Second + } glog.V(4).Infof("new nodes status: \n %v", nodes) cluster.Status.Cluster.Status = rapi.ClusterStatusOK diff --git a/pkg/controller/actions_test.go b/pkg/controller/actions_test.go index 14053d23..843864f8 100644 --- a/pkg/controller/actions_test.go +++ b/pkg/controller/actions_test.go @@ -3,6 +3,7 @@ package controller import ( "context" "reflect" + "time" "github.com/IBM/operator-for-redis-cluster/internal/testutil" @@ -451,7 +452,7 @@ func TestController_applyConfiguration(t *testing.T) { }, }, }, - want: ctrl.Result{Requeue: true}, + want: ctrl.Result{RequeueAfter: time.Second}, wantErr: false, }, } diff --git a/pkg/controller/checks_test.go b/pkg/controller/checks_test.go index 68921e88..f8c1dfed 100644 --- a/pkg/controller/checks_test.go +++ b/pkg/controller/checks_test.go @@ -1208,7 +1208,7 @@ func Test_filterLostNodes(t *testing.T) { pods = append(pods, kapiv1.Pod{Status: kapiv1.PodStatus{Reason: "Finished"}}) pods = append(pods, kapiv1.Pod{Status: kapiv1.PodStatus{Reason: "NodeLost"}}) ok, ko := filterLostNodes(pods) - if !(len(ok) == 2 || len(ko) == 1) { + if len(ok) != 2 || len(ko) != 1 { t.Errorf("filterLostNodes() wrong result ok: %v, ko: %v", ok, ko) } } diff --git a/pkg/controller/controller.go b/pkg/controller/controller.go index 1dcbd136..2db23e85 100644 --- a/pkg/controller/controller.go +++ b/pkg/controller/controller.go @@ -97,7 +97,8 @@ func (c *Controller) Reconcile(ctx context.Context, namespacedName ctrl.Request) if !rapi.IsRedisClusterDefaulted(sharedRedisCluster) { defaultedRedisCluster := rapi.DefaultRedisCluster(sharedRedisCluster) - if result.Requeue = c.updateRedisClusterSpec(defaultedRedisCluster); result.Requeue { + if c.updateRedisClusterSpec(defaultedRedisCluster) { + result.RequeueAfter = time.Second return result, nil } glog.V(6).Infof("RedisCluster %s correctly defaulted", namespacedName) @@ -112,7 +113,8 @@ func (c *Controller) Reconcile(ctx context.Context, namespacedName ctrl.Request) // init status.StartTime if redisCluster.Status.StartTime == nil { redisCluster.Status.StartTime = &startTime - if result.Requeue = c.updateRedisClusterStatus(ctx, redisCluster); result.Requeue { + if c.updateRedisClusterStatus(ctx, redisCluster) { + result.RequeueAfter = time.Second return result, nil } glog.V(4).Infof("startTime updated for RedisCluster %s", namespacedName) @@ -309,14 +311,16 @@ func (c *Controller) syncCluster(ctx context.Context, redisCluster *rapi.RedisCl return result, err } if c.updateClusterStatus(ctx, redisCluster) { - result.Requeue = true + result.RequeueAfter = time.Second } return result, nil } } setClusterStatusCondition(&redisCluster.Status, true) - result.Requeue = c.updateClusterStatus(ctx, redisCluster) + if c.updateClusterStatus(ctx, redisCluster) { + result.RequeueAfter = time.Second + } return result, nil } diff --git a/pkg/controller/sanitycheck/clustersplit.go b/pkg/controller/sanitycheck/clustersplit.go index 62958af0..586ff615 100644 --- a/pkg/controller/sanitycheck/clustersplit.go +++ b/pkg/controller/sanitycheck/clustersplit.go @@ -36,7 +36,7 @@ func reassignClusters(ctx context.Context, admin redis.AdminInterface, config *c mainCluster, badClusters := splitMainCluster(clusters) if len(mainCluster) == 0 { glog.Error("[SanityChecks] Impossible to fix cluster split, cannot elect main cluster") - return fmt.Errorf("Impossible to fix cluster split, cannot elect main cluster") + return fmt.Errorf("impossible to fix cluster split, cannot elect main cluster") } glog.Infof("[SanityChecks] Cluster '%s' is elected as main cluster", mainCluster) // reset admin to connect to the correct cluster diff --git a/pkg/controller/sanitycheck/process.go b/pkg/controller/sanitycheck/process.go index 7e6fce1e..ec7f8dab 100644 --- a/pkg/controller/sanitycheck/process.go +++ b/pkg/controller/sanitycheck/process.go @@ -19,7 +19,7 @@ func RunSanityChecks(ctx context.Context, admin redis.AdminInterface, config *co return false, nil } // * fix failed nodes: in some cases (cluster without enough primary after crash or scale down), some nodes may still know about fail nodes - if actionDone, err = FixFailedNodes(ctx, admin, cluster, infos, dryRun); err != nil { + if actionDone, err := FixFailedNodes(ctx, admin, cluster, infos, dryRun); err != nil { return actionDone, err } else if actionDone { glog.V(2).Infof("FixFailedNodes executed an action on the cluster (dryRun: %v)", dryRun) @@ -27,7 +27,7 @@ func RunSanityChecks(ctx context.Context, admin redis.AdminInterface, config *co } // forget nodes and delete pods when a redis node is untrusted. - if actionDone, err = FixUntrustedNodes(ctx, admin, podControl, cluster, infos, dryRun); err != nil { + if actionDone, err := FixUntrustedNodes(ctx, admin, podControl, cluster, infos, dryRun); err != nil { return actionDone, err } else if actionDone { glog.V(2).Infof("FixUntrustedNodes executed an action on the cluster (dryRun: %v)", dryRun) @@ -35,7 +35,7 @@ func RunSanityChecks(ctx context.Context, admin redis.AdminInterface, config *co } // delete pods that are stuck in terminating state - if actionDone, err = FixTerminatingPods(cluster, podControl, 1*time.Minute, dryRun); err != nil { + if actionDone, err := FixTerminatingPods(cluster, podControl, 1*time.Minute, dryRun); err != nil { return actionDone, err } else if actionDone { glog.V(2).Infof("FixTerminatingPods executed an action on the cluster (dryRun: %v)", dryRun) @@ -43,12 +43,12 @@ func RunSanityChecks(ctx context.Context, admin redis.AdminInterface, config *co } // detect and fix cluster split - if actionDone, err = FixClusterSplit(ctx, admin, config, infos, dryRun); err != nil { + if actionDone, err := FixClusterSplit(ctx, admin, config, infos, dryRun); err != nil { return actionDone, err } else if actionDone { glog.V(2).Infof("FixClusterSplit executed an action on the cluster (dryRun: %v)", dryRun) return actionDone, nil } - return actionDone, err + return actionDone, nil } diff --git a/pkg/garbagecollector/garbagecollector.go b/pkg/garbagecollector/garbagecollector.go index 6d384f74..f24f6a6b 100644 --- a/pkg/garbagecollector/garbagecollector.go +++ b/pkg/garbagecollector/garbagecollector.go @@ -85,7 +85,7 @@ func (c *GarbageCollector) collectRedisClusterPods() error { for _, pod := range pods.Items { redisclusterName, found := pod.Labels[rapi.ClusterNameLabelKey] if !found || len(redisclusterName) == 0 { - errs = append(errs, fmt.Errorf("Unable to find rediscluster name for pod: %s/%s", pod.Namespace, pod.Name)) + errs = append(errs, fmt.Errorf("unable to find rediscluster name for pod: %s/%s", pod.Namespace, pod.Name)) continue } if _, done := collected[path.Join(pod.Namespace, redisclusterName)]; done { @@ -95,7 +95,7 @@ func (c *GarbageCollector) collectRedisClusterPods() error { err := c.kubeClient.Get(context.Background(), types.NamespacedName{Namespace: pod.Namespace, Name: redisclusterName}, &rapi.RedisCluster{}) if err == nil || !apierrors.IsNotFound(err) { if err != nil { - errs = append(errs, fmt.Errorf("Unexpected error retrieving rediscluster %s/%s for pod %s/%s: %v", pod.Namespace, redisclusterName, pod.Namespace, pod.Name, err)) + errs = append(errs, fmt.Errorf("unexpected error retrieving rediscluster %s/%s for pod %s/%s: %v", pod.Namespace, redisclusterName, pod.Namespace, pod.Name, err)) } continue } @@ -110,7 +110,7 @@ func (c *GarbageCollector) collectRedisClusterPods() error { client.PropagationPolicy(metav1.DeletePropagationBackground), ) if err != nil { - errs = append(errs, fmt.Errorf("Unable to delete Collection of pods for rediscluster %s/%s", pod.Namespace, redisclusterName)) + errs = append(errs, fmt.Errorf("unable to delete Collection of pods for rediscluster %s/%s", pod.Namespace, redisclusterName)) continue } collected[path.Join(pod.Namespace, redisclusterName)] = struct{}{} // inserted in the collected map @@ -132,7 +132,7 @@ func (c *GarbageCollector) collectRedisClusterServices() error { for _, service := range services.Items { clusterName, found := service.Labels[rapi.ClusterNameLabelKey] if !found || len(clusterName) == 0 { - errs = append(errs, fmt.Errorf("Unable to find rediscluster name for service: %s/%s", service.Namespace, service.Name)) + errs = append(errs, fmt.Errorf("unable to find rediscluster name for service: %s/%s", service.Namespace, service.Name)) continue } if _, done := collected[path.Join(service.Namespace, clusterName)]; done { @@ -141,13 +141,13 @@ func (c *GarbageCollector) collectRedisClusterServices() error { err = c.kubeClient.Get(context.Background(), types.NamespacedName{Namespace: service.Namespace, Name: clusterName}, &rapi.RedisCluster{}) if err == nil || !apierrors.IsNotFound(err) { if err != nil { - errs = append(errs, fmt.Errorf("Unexpected error retrieving rediscluster %s/%s cache: %v", service.Namespace, clusterName, err)) + errs = append(errs, fmt.Errorf("unexpected error retrieving rediscluster %s/%s cache: %v", service.Namespace, clusterName, err)) } continue } // NotFound error: Hence remove all the pods. if err := c.deleteRedisClusterServices(service.Namespace, clusterName); err != nil { - errs = append(errs, fmt.Errorf("Unable to delete Collection of services for rediscluster %s/%s", service.Namespace, clusterName)) + errs = append(errs, fmt.Errorf("unable to delete Collection of services for rediscluster %s/%s", service.Namespace, clusterName)) continue } diff --git a/pkg/garbagecollector/garbagecollector_test.go b/pkg/garbagecollector/garbagecollector_test.go index 2911c31e..3cc4e036 100644 --- a/pkg/garbagecollector/garbagecollector_test.go +++ b/pkg/garbagecollector/garbagecollector_test.go @@ -77,7 +77,7 @@ func TestGarbageCollector_CollectRedisClusterJobs(t *testing.T) { gc.kubeClient = fakeClient.Build() return gc }, - errorMessage: "Unable to find rediscluster name for pod: /testpod", + errorMessage: "unable to find rediscluster name for pod: /testpod", }, "error getting service with label without value": { TweakGarbageCollector: func(gc *GarbageCollector) *GarbageCollector { @@ -91,7 +91,7 @@ func TestGarbageCollector_CollectRedisClusterJobs(t *testing.T) { gc.kubeClient = fakeClient.Build() return gc }, - errorMessage: "Unable to find rediscluster name for service: /testservice", + errorMessage: "unable to find rediscluster name for service: /testservice", }, "no rediscluster found for pod": { TweakGarbageCollector: func(gc *GarbageCollector) *GarbageCollector { diff --git a/pkg/redis/admin.go b/pkg/redis/admin.go index 28ea2334..d0e615d7 100644 --- a/pkg/redis/admin.go +++ b/pkg/redis/admin.go @@ -567,7 +567,6 @@ func (a *Admin) MigrateKeys(ctx context.Context, source *Node, dest *Node, slots slotSlice := slots[i:endIndex] for _, slot := range slotSlice { wg.Add(1) - slot := slot go func() { defer wg.Done() if scaling || *spec.RollingUpdate.KeyMigration { diff --git a/pkg/redis/fake/redis.go b/pkg/redis/fake/redis.go index 2a585a33..7d3063f1 100644 --- a/pkg/redis/fake/redis.go +++ b/pkg/redis/fake/redis.go @@ -311,7 +311,8 @@ func writeErr(w io.Writer, buf []byte, ierr error) (int64, error) { var err error var written int64 written, err = writeBytesHelper(w, errPrefix, written, err) - written, err = writeBytesHelper(w, []byte(ierr.Error()), written, err) + buf = append(buf[:0], ierr.Error()...) + written, err = writeBytesHelper(w, buf, written, err) written, err = writeBytesHelper(w, delim, written, err) return written, err } diff --git a/pkg/redis/fake/redis_test.go b/pkg/redis/fake/redis_test.go index cc913f94..3be7e0fb 100644 --- a/pkg/redis/fake/redis_test.go +++ b/pkg/redis/fake/redis_test.go @@ -127,7 +127,7 @@ func TestNewRedisServer(t *testing.T) { for i, tt := range testCases { // write to fake redis - fmt.Fprintf(conn, tt.input) + fmt.Fprint(conn, tt.input) //read from fake redis var message []string diff --git a/pkg/redis/slot.go b/pkg/redis/slot.go index 9ea59465..62c86262 100644 --- a/pkg/redis/slot.go +++ b/pkg/redis/slot.go @@ -99,12 +99,13 @@ func DecodeSlotRange(str string) (SlotSlice, *ImportingSlot, *MigratingSlot, err if err != nil { return slots, nil, nil, err } - if separator == importingSeparator { + switch separator { + case importingSeparator: return slots, &ImportingSlot{SlotID: slot, FromNodeID: strings.TrimSuffix(val[2], "]")}, nil, err - } else if separator == migratingSeparator { + case migratingSeparator: return slots, nil, &MigratingSlot{SlotID: slot, ToNodeID: strings.TrimSuffix(val[2], "]")}, err - } else { - return slots, nil, nil, fmt.Errorf("Impossible to decode slot %s", str) + default: + return slots, nil, nil, fmt.Errorf("impossible to decode slot %s", str) } } else if len(val) > 0 { min, err = DecodeSlot(val[0]) @@ -120,7 +121,7 @@ func DecodeSlotRange(str string) (SlotSlice, *ImportingSlot, *MigratingSlot, err max = min } } else { - return slots, nil, nil, fmt.Errorf("Impossible to decode slot '%s'", str) + return slots, nil, nil, fmt.Errorf("impossible to decode slot '%s'", str) } slots = BuildSlotSlice(min, max) diff --git a/pkg/redis/slot_test.go b/pkg/redis/slot_test.go index 6407e26a..9dd0bd24 100644 --- a/pkg/redis/slot_test.go +++ b/pkg/redis/slot_test.go @@ -29,7 +29,7 @@ func TestSlotRangeDecode(t *testing.T) { continue } if !reflect.DeepEqual(result, tt.slots) { - if !(len(tt.slots) == 0 && len(result) == 0) { + if len(tt.slots) != 0 || len(result) != 0 { t.Errorf("expected result to be '%s', got '%s'", tt.slots, result) } } diff --git a/pkg/redisnode/redisnode.go b/pkg/redisnode/redisnode.go index 714b70f9..7c67ad0c 100644 --- a/pkg/redisnode/redisnode.go +++ b/pkg/redisnode/redisnode.go @@ -26,6 +26,8 @@ import ( "github.com/IBM/operator-for-redis-cluster/pkg/redis" "github.com/IBM/operator-for-redis-cluster/pkg/utils" + + discoveryv1 "k8s.io/api/discovery/v1" ) // RedisNode contains all info to run the redis-node. @@ -165,7 +167,7 @@ func (r *RedisNode) run(me *Node) (*Node, error) { return nil, starter } - configFunc := func() (bool, error) { + configFunc := func(ctx context.Context) (bool, error) { // Initial redis server configuration nodes, initCluster := r.isClusterInitialization(me.Addr) @@ -187,7 +189,7 @@ func (r *RedisNode) run(me *Node) (*Node, error) { } ctx, cancelFunc := context.WithTimeout(context.Background(), time.Minute) defer cancelFunc() - err := wait.PollUntil(2*time.Second, configFunc, ctx.Done()) + err := wait.PollUntilContextCancel(ctx, 2*time.Second, true, configFunc) if err != nil { glog.Errorf("Failed polling: %v", err) return nil, err @@ -335,7 +337,7 @@ func testAndWaitConnection(ctx context.Context, addr string, maxWait time.Durati currentTime := time.Now() timeout := waitTime - startTime.Sub(currentTime) if timeout <= 0 { - return errors.New("Timeout reached") + return errors.New("timeout reached") } dialer := &radix.Dialer{ NetDialer: &net.Dialer{ @@ -365,15 +367,24 @@ func testAndWaitConnection(ctx context.Context, addr string, maxWait time.Durati func getRedisNodesAddrs(kubeClient clientset.Interface, namespace, service string) ([]string, error) { addrs := []string{} - eps, err := kubeClient.CoreV1().Endpoints(namespace).Get(context.Background(), service, metav1.GetOptions{}) + endpointSlices, err := kubeClient.DiscoveryV1().EndpointSlices(namespace).List(context.Background(), + metav1.ListOptions{LabelSelector: discoveryv1.LabelServiceName + "=" + service}) if err != nil { return addrs, err } - for _, subset := range eps.Subsets { - for _, host := range subset.Addresses { - for _, port := range subset.Ports { - addrs = append(addrs, net.JoinHostPort(host.IP, strconv.Itoa(int(port.Port)))) + for _, endpointSlice := range endpointSlices.Items { + for _, endpoint := range endpointSlice.Endpoints { + // Only include ready endpoints to avoid circular dependencies + if endpoint.Conditions.Ready != nil && !*endpoint.Conditions.Ready { + continue + } + for _, port := range endpointSlice.Ports { + for _, address := range endpoint.Addresses { + if port.Port != nil { + addrs = append(addrs, net.JoinHostPort(address, strconv.Itoa(int(*port.Port)))) + } + } } } } diff --git a/pkg/redisnode/redisnode_test.go b/pkg/redisnode/redisnode_test.go index 04c7cbd8..3c872f39 100644 --- a/pkg/redisnode/redisnode_test.go +++ b/pkg/redisnode/redisnode_test.go @@ -8,7 +8,7 @@ import ( "os" "testing" - kapi "k8s.io/api/core/v1" + discoveryv1 "k8s.io/api/discovery/v1" kmetav1 "k8s.io/apimachinery/pkg/apis/meta/v1" kfakeclient "k8s.io/client-go/kubernetes/fake" @@ -33,6 +33,10 @@ func TestTestAndWaitConnection(t *testing.T) { } } +func int32Ptr(i int32) *int32 { + return &i +} + func TestIsClusterInitialization(t *testing.T) { currentIP := "1.2.3.4" conf := Config{ @@ -42,26 +46,55 @@ func TestIsClusterInitialization(t *testing.T) { testCases := []struct { name string - endpoints kapi.Endpoints + endpointSlice discoveryv1.EndpointSlice isInitialization bool }{ { - name: "1) test init true", - endpoints: kapi.Endpoints{ObjectMeta: kmetav1.ObjectMeta{Name: "redis-service", Namespace: "default"}, Subsets: []kapi.EndpointSubset{}}, //empty + name: "1) test init true", + endpointSlice: discoveryv1.EndpointSlice{ + ObjectMeta: kmetav1.ObjectMeta{ + Name: "redis-service-slice", + Namespace: "default", + Labels: map[string]string{discoveryv1.LabelServiceName: "redis-service"}, + }, + AddressType: discoveryv1.AddressTypeIPv4, + Endpoints: []discoveryv1.Endpoint{}, // empty + Ports: []discoveryv1.EndpointPort{{Port: int32Ptr(1234)}}, + }, isInitialization: true, }, { name: "2) test init false", - endpoints: kapi.Endpoints{ObjectMeta: kmetav1.ObjectMeta{Name: "redis-service", Namespace: "default"}, Subsets: []kapi.EndpointSubset{ - {Addresses: []kapi.EndpointAddress{{IP: "1.0.0.1"}, {IP: "1.0.0.2"}, {IP: "1.0.0.3"}}, Ports: []kapi.EndpointPort{{Port: 1234}}}, // full - }}, + endpointSlice: discoveryv1.EndpointSlice{ + ObjectMeta: kmetav1.ObjectMeta{ + Name: "redis-service-slice", + Namespace: "default", + Labels: map[string]string{discoveryv1.LabelServiceName: "redis-service"}, + }, + AddressType: discoveryv1.AddressTypeIPv4, + Endpoints: []discoveryv1.Endpoint{ + {Addresses: []string{"1.0.0.1"}}, + {Addresses: []string{"1.0.0.2"}}, + {Addresses: []string{"1.0.0.3"}}, + }, + Ports: []discoveryv1.EndpointPort{{Port: int32Ptr(1234)}}, + }, isInitialization: false, }, { name: "3) test init true", - endpoints: kapi.Endpoints{ObjectMeta: kmetav1.ObjectMeta{Name: "redis-service", Namespace: "default"}, Subsets: []kapi.EndpointSubset{ - {Addresses: []kapi.EndpointAddress{{IP: currentIP}}, Ports: []kapi.EndpointPort{{Port: 1234}}}, // only current - }}, + endpointSlice: discoveryv1.EndpointSlice{ + ObjectMeta: kmetav1.ObjectMeta{ + Name: "redis-service-slice", + Namespace: "default", + Labels: map[string]string{discoveryv1.LabelServiceName: "redis-service"}, + }, + AddressType: discoveryv1.AddressTypeIPv4, + Endpoints: []discoveryv1.Endpoint{ + {Addresses: []string{currentIP}}, + }, + Ports: []discoveryv1.EndpointPort{{Port: int32Ptr(1234)}}, + }, isInitialization: true, }, } @@ -69,7 +102,7 @@ func TestIsClusterInitialization(t *testing.T) { for _, tc := range testCases { node := &RedisNode{ config: &conf, - kubeClient: kfakeclient.NewSimpleClientset(&tc.endpoints), + kubeClient: kfakeclient.NewSimpleClientset(&tc.endpointSlice), } _, isInit := node.isClusterInitialization(currentIP) if isInit != tc.isInitialization { @@ -96,25 +129,24 @@ func TestRedisInitializationAttach(t *testing.T) { fakeAdmin := admin.NewFakeAdmin() fakeAdmin.AddrError[myIP] = errors.New("Should not call init cluster") - endpoint := kapi.Endpoints{ + endpointSlice := discoveryv1.EndpointSlice{ ObjectMeta: kmetav1.ObjectMeta{ - Name: "redis-service", + Name: "redis-service-slice", Namespace: "default", + Labels: map[string]string{discoveryv1.LabelServiceName: "redis-service"}, }, - Subsets: []kapi.EndpointSubset{ - { - Addresses: []kapi.EndpointAddress{ - {IP: "1.1.1.1"}, - {IP: "2.2.2.2"}, - }, - }, + AddressType: discoveryv1.AddressTypeIPv4, + Endpoints: []discoveryv1.Endpoint{ + {Addresses: []string{"1.1.1.1"}}, + {Addresses: []string{"2.2.2.2"}}, }, + Ports: []discoveryv1.EndpointPort{{Port: int32Ptr(1234)}}, } rn := &RedisNode{ config: c, redisAdmin: fakeAdmin, - kubeClient: kfakeclient.NewSimpleClientset(&endpoint), + kubeClient: kfakeclient.NewSimpleClientset(&endpointSlice), } node, err := rn.init() diff --git a/pkg/utils/utils.go b/pkg/utils/utils.go index df4df85b..a3825db0 100644 --- a/pkg/utils/utils.go +++ b/pkg/utils/utils.go @@ -167,13 +167,13 @@ func StringToByteString(value string) (string, error) { case "kb": result *= Kibibyte case "m": - result *= int64(math.Pow(Kilobyte, 2)) + result *= int64(Kilobyte * Kilobyte) case "mb": - result *= int64(math.Pow(Kibibyte, 2)) + result *= int64(Kibibyte * Kibibyte) case "g": - result *= int64(math.Pow(Kilobyte, 3)) + result *= int64(Kilobyte * Kilobyte * Kilobyte) case "gb": - result *= int64(math.Pow(Kibibyte, 3)) + result *= int64(Kibibyte * Kibibyte * Kibibyte) } return strconv.FormatInt(result, 10), nil } diff --git a/pkg/utils/utils_test.go b/pkg/utils/utils_test.go index 6834ee04..2fece9b6 100644 --- a/pkg/utils/utils_test.go +++ b/pkg/utils/utils_test.go @@ -1,7 +1,6 @@ package utils_test import ( - "math" "reflect" "strconv" "testing" @@ -449,22 +448,22 @@ func TestStringToByteString(t *testing.T) { { name: "megabyte", value: "10m", - want: strconv.Itoa(int(math.Pow(utils.Kilobyte, 2)) * 10), + want: strconv.Itoa(int(utils.Kilobyte*utils.Kilobyte) * 10), }, { name: "mebibyte", value: "10mb", - want: strconv.Itoa(int(math.Pow(utils.Kibibyte, 2)) * 10), + want: strconv.Itoa(int(utils.Kibibyte*utils.Kibibyte) * 10), }, { name: "gigabyte", value: "10g", - want: strconv.Itoa(int(math.Pow(utils.Kilobyte, 3)) * 10), + want: strconv.Itoa(int(utils.Kilobyte*utils.Kilobyte*utils.Kilobyte) * 10), }, { name: "gibibyte", value: "10gb", - want: strconv.Itoa(int(math.Pow(utils.Kibibyte, 3)) * 10), + want: strconv.Itoa(int(utils.Kibibyte*utils.Kibibyte*utils.Kibibyte) * 10), }, { name: "capital unit", diff --git a/test/e2e/e2e_test.go b/test/e2e/e2e_test.go index 89a87499..db1ecb3a 100644 --- a/test/e2e/e2e_test.go +++ b/test/e2e/e2e_test.go @@ -3,6 +3,7 @@ package e2e import ( goflag "flag" "os" + "path/filepath" "testing" "github.com/golang/glog" @@ -15,9 +16,20 @@ func TestE2E(t *testing.T) { RunE2ETests(t) } +func getDefaultKubeConfig() string { + if v, ok := os.LookupEnv("KUBECONFIG"); ok { + return v + } + home, err := os.UserHomeDir() + if err != nil { + return "" + } + return filepath.Join(home, ".kube", "config") +} + func TestMain(m *testing.M) { - pflag.StringVar(&framework.FrameworkContext.KubeConfigPath, "kubeconfig", "", "Path to kubeconfig") + pflag.StringVar(&framework.FrameworkContext.KubeConfigPath, "kubeconfig", getDefaultKubeConfig(), "Path to kubeconfig") pflag.StringVar(&framework.FrameworkContext.ImageTag, "image-tag", "local", "image tag") pflag.CommandLine.AddGoFlagSet(goflag.CommandLine) pflag.Parse() diff --git a/test/e2e/framework/framework.go b/test/e2e/framework/framework.go index e7280aac..aef68fee 100644 --- a/test/e2e/framework/framework.go +++ b/test/e2e/framework/framework.go @@ -7,10 +7,11 @@ import ( "k8s.io/apimachinery/pkg/runtime" utilruntime "k8s.io/apimachinery/pkg/util/runtime" clientgoscheme "k8s.io/client-go/kubernetes/scheme" - "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" kclient "sigs.k8s.io/controller-runtime/pkg/client" + logf "sigs.k8s.io/controller-runtime/pkg/log" + "sigs.k8s.io/controller-runtime/pkg/log/zap" ) // Framework stores necessary info to run e2e @@ -28,6 +29,9 @@ var FrameworkContext frameworkContextType // NewFramework creates and initializes the Framework struct func NewFramework() (*Framework, error) { + // Initialize controller-runtime logger to prevent warnings + logf.SetLogger(zap.New(zap.UseDevMode(true))) + Logf("KubeconfigPath-> %q", FrameworkContext.KubeConfigPath) kubeConfig, err := clientcmd.BuildConfigFromFlags("", FrameworkContext.KubeConfigPath) if err != nil { diff --git a/test/e2e/framework/redis_cluster_handlers.go b/test/e2e/framework/redis_cluster_handlers.go index 0b85d959..23dbb170 100644 --- a/test/e2e/framework/redis_cluster_handlers.go +++ b/test/e2e/framework/redis_cluster_handlers.go @@ -28,7 +28,7 @@ import ( ) const ( - redisImageName = "ibmcom/node-for-redis" + redisImageName = "cinple/operator-for-redis-cluster-node" ) // NewRedisCluster builds and returns a new RedisCluster instance @@ -437,6 +437,11 @@ func CreateRedisNodeServiceAccountFunc(kubeClient kclient.Client, redisCluster * Resources: []string{"namespaces", "services", "endpoints", "pods"}, Verbs: []string{"list", "get"}, }, + { + APIGroups: []string{"discovery.k8s.io"}, + Resources: []string{"endpointslices"}, + Verbs: []string{"list", "get"}, + }, }, } err = kubeClient.Create(context.Background(), cr)